{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27039", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-02-17T13:23:18.875Z", "datePublished": "2026-03-25T16:14:52.135Z", "dateUpdated": "2026-03-25T16:14:52.135Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://codecanyon.net", "defaultStatus": "unaffected", "packageName": "woozone", "product": "WZone", "vendor": "AA-Team", "versions": [{"lessThanOrEqual": "<= 14.0.31", "status": "affected", "version": "n/a", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Phat RiO | Patchstack Bug Bounty Program"}], "datePublic": "2026-03-25T17:12:31.088Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone woozone allows Blind SQL Injection.<p>This issue affects WZone: from n/a through <= 14.0.31.</p>"}], "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone woozone allows Blind SQL Injection.This issue affects WZone: from n/a through <= 14.0.31."}], "impacts": [{"capecId": "CAPEC-7", "descriptions": [{"lang": "en", "value": "Blind SQL Injection"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:52.135Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/woozone/vulnerability/wordpress-wzone-plugin-14-0-31-sql-injection-vulnerability?_s_id=cve"}], "title": "WordPress WZone plugin <= 14.0.31 - SQL Injection vulnerability"}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone woozone allows Blind SQL Injection.This issue affects WZone: from n/a through <= 14.0.31."}], "id": "CVE-2026-27039", "lastModified": "2026-03-25T17:16:53.310", "metrics": {}, "published": "2026-03-25T17:16:53.310", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/woozone/vulnerability/wordpress-wzone-plugin-14-0-31-sql-injection-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "audit@patchstack.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-03-25T18:47:53.157255+00:00", "value": {"mitigation_remediation": ["Upgrade the WZone plugin to version 14.0.32 or later", "If an upgrade is not immediately possible, deactivate or uninstall the plugin to eliminate the attack surface", "Review database logs for unauthorized queries and consider rotating database credentials", "Implement a web application firewall rule set that blocks suspicious SQL patterns"], "summary": {"action": "Patch Immediately", "impact": "SQL Injection"}, "threat_synthesis": {"affected_systems": "The flaw affects any installation of the WZone plugin up through version 14.0.31, inclusive. Sites running WordPress with this plugin version are at risk. No other version or product is listed as affected in the available information, and the vendor\u2019s catalog identifies the plugin as the sole impacted component.", "description_and_impact": "The vulnerability arises from improper neutralization of special characters in SQL statements within the WZone plugin, enabling blind SQL injection. An attacker can send crafted input that the plugin passes directly to the database, allowing execution of arbitrary SQL queries. This could lead to unauthorized data access, credential theft, or, if the database permits, further privilege escalation or remote code execution. The weakness corresponds to standard SQL Injection (CWE\u201189).", "risk_and_exploitability": "Concrete exploitation evidence or CVSS scoring is not present in the advisory, but the potential for data compromise is high given the plugin\u2019s deep database integration. Attackers could likely trigger the vulnerability by targeting specific plugin endpoints via HTTP requests. The absence of a public exploitation record suggests limited active use, yet the widespread deployment of the plugin warrants proactive mitigation. Because the vulnerability is catalogued but not yet exploited, the risk is considered significant for affected sites."}}}}, "created": "2026-03-25T21:44:14.510961+00:00", "updated": "2026-03-25T21:44:14.510996+00:00", "vendors": []}