CVE-2026-3523
Description
The Apocalypse Meow plugin for WordPress is vulnerable to SQL Injection via the 'type' parameter in all versions up to, and including, 22.1.0. This is due to a flawed logical operator in the type validation check on line 261 of ajax.php — the condition uses && (AND) instead of || (OR), causing the in_array() validation to be short-circuited and never evaluated for any non-empty type value. Combined with stripslashes_deep() being called on line 101 which removes wp_magic_quotes() protection, attacker-controlled single quotes pass through unescaped into the SQL query on line 298. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Affected products
1- Range: <=22.1.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- plugins.trac.wordpress.org/browser/apocalypse-meow/tags/22.1.0/lib/blobfolio/wp/meow/ajax.phpnvd
- plugins.trac.wordpress.org/browser/apocalypse-meow/tags/22.1.0/lib/blobfolio/wp/meow/ajax.phpnvd
- plugins.trac.wordpress.org/browser/apocalypse-meow/tags/22.1.0/lib/blobfolio/wp/meow/ajax.phpnvd
- plugins.trac.wordpress.org/browser/apocalypse-meow/tags/22.1.0/lib/blobfolio/wp/meow/ajax.phpnvd
- plugins.trac.wordpress.org/browser/apocalypse-meow/trunk/lib/blobfolio/wp/meow/ajax.phpnvd
- plugins.trac.wordpress.org/browser/apocalypse-meow/trunk/lib/blobfolio/wp/meow/ajax.phpnvd
- plugins.trac.wordpress.org/browser/apocalypse-meow/trunk/lib/blobfolio/wp/meow/ajax.phpnvd
- plugins.trac.wordpress.org/browser/apocalypse-meow/trunk/lib/blobfolio/wp/meow/ajax.phpnvd
- plugins.trac.wordpress.org/changesetnvd
- www.wordfence.com/threat-intel/vulnerabilities/id/a1af9757-23e9-41d2-bbcd-15b0610b6538nvd
News mentions
0No linked articles in our index yet.