CVE-2026-15300 - GEO my WP <= 4.5.4 - Unauthenticated SQL Injection via 'distance' / 'lat' / 'lng' Parameters
CVE ID :CVE-2026-15300 Published : July 10, 2026, 5:16 a.m. | 1 hour, 16 minutes ago Description :The GEO my WP plugin for WordPress was vulnerable to SQL Injection via the 'distance', 'lat', and 'lng' parameters in versions up to, and including, 4.5.4. The values were read from...