Sensitive Data Exposure in ZAYTECH Smart Online Order for Clover
CVE-2026-42746

7.3HIGH

Key Information:

Vendor: WordPress
Status: Smart Online Order For Clover
Vendor: CVE Published:; 27 May 2026

What is CVE-2026-42746?

The Smart Online Order for Clover product from ZAYTECH contains a vulnerability that allows embedded sensitive data to be retrieved during interactions. This issue specifically affects versions up to 1.6.0 and poses a risk of unauthorized access to sensitive information, potentially impacting user privacy and data confidentiality.

Affected Version(s)

Smart Online Order for Clover 0 <= 1.6.0

References

https://patchstack.com/database/Wordpress/Plugin/clover-o...

vdb-entry

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 27, 2026
Vulnerability Reserved
Apr 29, 2026

Credit

she11f | Patchstack Bug Bounty Program

CVE-2026-42746 Data

JSON