This vulnerability in robindkumar Wr Age Verification (versions <= 2.0.0) is due to improper neutralization of special elements in SQL commands, leading to SQL Injection. The CVSS 3.1 score is 8.5 (high), with attack vector network, low attack complexity, low privileges required, no user interaction, scope changed, high confidentiality impact, no integrity impact, and low availability impact. The vulnerability allows remote attackers to inject SQL commands, potentially compromising data confidentiality and causing partial service disruption.

Successful exploitation can lead to unauthorized disclosure of sensitive information due to high confidentiality impact and partial denial of service due to low availability impact. Integrity is not affected. There are no known active exploits in the wild at this time.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should consider disabling or restricting access to the affected plugin to mitigate risk. Monitor vendor channels for updates and apply patches promptly once released.