A vulnerability identified as critical has been detected in wpxpo WowStore Plugin up to 4.4.3 on WordPress. Affected is an unknown function. Performing a manipulation results in sql injection. This vulnerability is cataloged as CVE-2026-2579 . It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.