CVE-2026-49056
7.5 HIGHUnauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.9.4 versions
Published: 2026-06-15 · Last updated: 2026-06-15
Severity and scoring
- CVSS
- 7.5 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- CWE
- CWE-497
Description
Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.9.4 versions.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-49056
- [Other]https://patchstack.com/database/wordpress/plugin/print-invoices-packing-slip-labels-for-woocommerce/vulnerability/wordpress-woocommerce-pdf-invoices-packing-slips-delivery-notes-and-shipping-labels-plugin-4-9-4-sensitive-data-exposure-vulnerability?_s_id=cve
Related CVEs
Same CWE
- CVE-2026-9307 — A sensitive information disclosure security issue exists within the affected CompactLogix controllers
- CVE-2026-52694 — Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce <= 2.0 versions (7.5 HIGH)
- CVE-2026-49068 — Subscriber Sensitive Data Exposure in Coupon Affiliates <= 7.8.1 versions (7.5 HIGH)
- CVE-2026-49066 — Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway <= 6.0.0 versions (7.5 HIGH)
- CVE-2026-48878 — Subscriber Sensitive Data Exposure in Visual Link Preview <= 2.4.1 versions (6.5 MEDIUM)