CVE Catalog
CVE-2026-57637
MediumCVSS 4.3Summary
Unauthenticated Cross Site Request Forgery (CSRF) vulnerability in Abandoned Cart Lite for WooCommerce versions up to 6.8.0. An attacker can trick an administrator into performing unintended actions without their knowledge.
Risk Assessment
The risk involves the possibility of performing unauthorized operations in the WooCommerce admin panel, such as modifying settings or deleting data, without required authentication.
Recommendation
It is recommended to immediately update the Abandoned Cart Lite for WooCommerce plugin to the latest available version that fixes this vulnerability.
Original NVD description (English source)
Unauthenticated Cross Site Request Forgery (CSRF) in Abandoned Cart Lite for WooCommerce <= 6.8.0 versions.

