A vulnerability categorized as critical has been discovered in WBW Plugins Product Filter Plugin up to 3.1.2 on WordPress. Affected by this vulnerability is an unknown functionality. Executing a manipulation can lead to sql injection. This vulnerability is handled as CVE-2026-39494 . The attack can be executed remotely. There is not any exploit available.