CVE Catalog

CVE-2026-56060

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Summary

The Print Invoice & Delivery Notes for WooCommerce plugin version 7.1.1 and earlier allows unauthenticated attackers to access sensitive data. This vulnerability is due to missing proper authorization, enabling disclosure of confidential information without requiring login.

Risk Assessment

The risk involves potential leakage of customer data, such as personal information or order details, which may violate user privacy and data protection regulations (e.g., GDPR).

Recommendation

It is recommended to immediately update the plugin to the latest available version that fixes this vulnerability. Also, check for any unauthorized access to data.

Original NVD description (English source)

Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce <= 7.1.1 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS