CYBERHAWK / CVE / CVE-2026-9662

CVE-2026-9662

HIGH CVSS 8.1 other

The flaw

The Recover Exit For WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to and including 1.0.3. This is due to insufficient validation and sanitization of the user-controlled `tpf` POST parameter befor

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2026-9662

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits