Title: SQL Injection vulnerability?
Last modified: January 17, 2018

---

# SQL Injection vulnerability?

 *  Resolved [bella2011](https://wordpress.org/support/users/bella2011/)
 * (@bella2011)
 * [8 years, 2 months ago](https://wordpress.org/support/topic/sql-injection-vulnerability-10/)
 * Sucuri recently sent out a notification (1/16/2018) to all customers that it 
   discovered an SQL Injection vulnerability affecting the YITH WooCommerce Wishlist
   plugin for WordPress.
 * Is there a known issue with the YITH WooCommerce Ajax Product Filter as well?
   Please advise.

Viewing 1 replies (of 1 total)

 *  Plugin Author [YITHEMES](https://wordpress.org/support/users/yithemes/)
 * (@yithemes)
 * [8 years, 2 months ago](https://wordpress.org/support/topic/sql-injection-vulnerability-10/#post-9926404)
 * Hi,
 * no, don’t worry there aren’t any know issue related to SQL injection to Ajax 
   Product Filter plugin.
    The YITH WooCommerce Ajax Product filter plugin don’t
   make any SQL query because our plugin simply ask to WooCommerce the filtered 
   product list.
 * About Wishlist plugin, our team have already solved the issue and sent a new 
   version to fix it for all users.
 * Thanks for your reporting.

Viewing 1 replies (of 1 total)

The topic ‘SQL Injection vulnerability?’ is closed to new replies.

 * ![](https://ps.w.org/yith-woocommerce-ajax-navigation/assets/icon-256x256.gif?
   rev=3129944)
 * [YITH WooCommerce Ajax Product Filter](https://wordpress.org/plugins/yith-woocommerce-ajax-navigation/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/yith-woocommerce-ajax-navigation/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/yith-woocommerce-ajax-navigation/)
 * [Active Topics](https://wordpress.org/support/plugin/yith-woocommerce-ajax-navigation/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/yith-woocommerce-ajax-navigation/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/yith-woocommerce-ajax-navigation/reviews/)

## Tags

 * [sql](https://wordpress.org/support/topic-tag/sql/)

 * 1 reply
 * 2 participants
 * Last reply from: [YITHEMES](https://wordpress.org/support/users/yithemes/)
 * Last activity: [8 years, 2 months ago](https://wordpress.org/support/topic/sql-injection-vulnerability-10/#post-9926404)
 * Status: resolved