CVE Catalog
CVE-2026-56042
HighCVSS 7.1Summary
There is a Cross Site Scripting (XSS) vulnerability in Advanced Order Export For WooCommerce versions <= 4.0.9 that can be exploited by attackers to inject malicious code.
Risk Assessment
This vulnerability may lead to user data theft and session hijacking, posing a serious threat to the application's security and customer data.
Recommendation
It is recommended to update the plugin to the latest version to mitigate this vulnerability and conduct a security audit of the application.
Original NVD description (English source)
Customer Cross Site Scripting (XSS) in Advanced Order Export For WooCommerce <= 4.0.9 versions.

