CVE-2026-9662
HighCVSS 8.1Exploitation Probability (EPSS)
Low risk13th percentile - higher than 13% of all known CVEs
Summary
The Recover Exit For WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to and including 1.0.3. This is due to insufficient validation and sanitization of the user-controlled `tpf` POST parameter before it is used in an `include()` path in the `recover_exit()` function.
Risk Assessment
Unauthenticated attackers can exploit this vulnerability to perform path traversal, potentially leading to sensitive information exposure and, in certain deployment chains, code execution.
Recommendation
It is recommended to update the plugin to the latest version to mitigate this vulnerability. Additionally, conducting a security audit of the application to identify potential threats is advisable.
Original NVD description (English source)
The Recover Exit For WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to and including 1.0.3. This is due to insufficient validation and sanitization of the user-controlled `tpf` POST parameter before it is used in an `include()` path in the `recover_exit()` function. This makes it possible for unauthenticated attackers to perform path traversal and include unintended local PHP files, which can lead to sensitive information exposure and, in certain deployment chains, code execution.

