OffSequence
🚨 CRITICAL: CVE-2026-9065 in brainstormforce SureCart <4.2.1 allows authenticated SQL injection via REST API ('/surecart/v1/integrations/{id}'). Exploit bypasses escaping with a dot in payloads — full DB extraction possible. Patch now! https://radar.offseq.com/threat/cve-2026-9065-cwe-89-improper-neutralization-of-sp-8901e797 #OffSeq #SQLInjection #WordPress
May 20 at 9:00amWeb