WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.A SQL injection vulnerability exists in the WordPress Ni WooCommerce Custom Order Status plugin, which stems from the lack of validation of external input SQL statements by the get query() function. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.