CVE Catalog

CVE-2026-57637

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Summary

Unauthenticated Cross Site Request Forgery (CSRF) vulnerability in Abandoned Cart Lite for WooCommerce versions up to 6.8.0. An attacker can trick an administrator into performing unintended actions without their knowledge.

Risk Assessment

The risk involves the possibility of performing unauthorized operations in the WooCommerce admin panel, such as modifying settings or deleting data, without required authentication.

Recommendation

It is recommended to immediately update the Abandoned Cart Lite for WooCommerce plugin to the latest available version that fixes this vulnerability.

Original NVD description (English source)

Unauthenticated Cross Site Request Forgery (CSRF) in Abandoned Cart Lite for WooCommerce <= 6.8.0 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS