{"uuid": "cc4f3bef-65c0-4c6a-a5c8-84b9d8720e3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39511", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mlbu4gi6bs26", "content": "CVE-2026-39511: How Kills \u2013 Unauthenticated SQL Injection in 10K WordPress Sites +\u00a0Video\n\nIntroduction: A seemingly harmless call to `stripslashes()` after `prepare()` can completely neutralize SQL injection defenses. In CVE-2026-39511, a WordPress plugin with 10,000 active installations fell\u2026", "creation_timestamp": "2026-05-07T18:33:38.551039Z"}