CVE Catalog

CVE-2026-56042

HighCVSS 7.1
Published: Updated: Translated: NVD NIST

Summary

There is a Cross Site Scripting (XSS) vulnerability in Advanced Order Export For WooCommerce versions <= 4.0.9 that can be exploited by attackers to inject malicious code.

Risk Assessment

This vulnerability may lead to user data theft and session hijacking, posing a serious threat to the application's security and customer data.

Recommendation

It is recommended to update the plugin to the latest version to mitigate this vulnerability and conduct a security audit of the application.

Original NVD description (English source)

Customer Cross Site Scripting (XSS) in Advanced Order Export For WooCommerce <= 4.0.9 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS