Sensitive Information Exposure in APIExperts Square for WooCommerce Plugin
CVE-2026-54848
8.3HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 25 June 2026
What is CVE-2026-54848?
A vulnerability exists in the APIExperts Square for WooCommerce plugin that allows attackers to retrieve embedded sensitive data from requests. The flaw, present in versions from n/a up to 4.7.3, could facilitate unauthorized access to critical information, posing significant risks to data security and user privacy. Sites using this plugin should take immediate action to apply patches and safeguard against potential exploitation.
Affected Version(s)
APIExperts Square for WooCommerce <= 4.7.3