All 2 CVE vulnerabilities found in SysBasics Customize My Account for WooCommerce – Dashboard, Endpoints, Avatar & Menu Manager, with AI-generated Chinese analysis, references, and POCs.
Vendor: phppoet
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-12137 | SysBasics Customize My Account for WooCommerce <= 4.3.6 - Reflected Cross-Site Scripting via 'tab' Parameter CWE-79 | 6.1 | Medium | 2026-06-18 |
| CVE-2026-12136 | SysBasics Customize My Account for WooCommerce <= 4.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes CWE-79 | 6.4 | Medium | 2026-06-18 |
All 2 known CVE vulnerabilities affecting SysBasics Customize My Account for WooCommerce – Dashboard, Endpoints, Avatar & Menu Manager with full Chinese analysis, references, and POCs where available.