WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers.A SQL injection vulnerability exists in versions of WordPress prior to Astra Pro Addon Plugin 3.5.2, which stems from astra_pagination_infinite and astra_shop_pagination_ infinite lacks validation of external input SQL statements. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.