CVE Catalog
CVE-2026-49779
MediumCVSS 6.5Summary
The Tax Exempt for WooCommerce plugin version 1.9.3 and earlier contains a Customer Path Traversal vulnerability that allows unauthorized access to files outside the root directory.
Risk Assessment
An attacker can exploit this vulnerability to read sensitive configuration files or customer data, leading to a breach of system confidentiality and integrity.
Recommendation
Immediately update the Tax Exempt for WooCommerce plugin to the latest available version that fixes this vulnerability.
Original NVD description (English source)
Customer Path Traversal in Tax Exempt for WooCommerce <= 1.9.3 versions.

