CSRF Vulnerability in Sync-basalam Plugin for WooCommerce
CVE-2026-61956
7.1HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 13 July 2026
What is CVE-2026-61956?
The Sync-basalam plugin for WooCommerce is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability. This flaw enables an attacker to execute unauthorized actions on behalf of an authenticated user, potentially compromising user data and site functionality. The issue affects versions of Sync-basalam up to and including 1.9.1, making it crucial for site administrators to apply necessary security patches and updates to mitigate the risks associated with this vulnerability.
Affected Version(s)
ووسلام – همگام سازی ووکامرس و باسلام 0 <= 1.9.1