Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
Wolmart Core: Blind SQL Injection in User Data
CVE-2025-69337
Summary
A fault in Wolmart Core's database handling allows attackers to extract sensitive information by manipulating user input. This could, for example, allow hackers to access user passwords or other sensitive data. Update to version 1.9.7 or later to fix this issue.
Original title
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in don-themes Wolmart Core wolmart-core allows Blind SQL Injection.This issue affects Wolmart Core...
Original description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in don-themes Wolmart Core wolmart-core allows Blind SQL Injection.This issue affects Wolmart Core: from n/a through <= 1.9.6.
nvd CVSS3.1
9.3
Vulnerability type
CWE-89
SQL Injection
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026