PatchSiren

algolplus CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM algolplus CVE published 2026-06-18

CVE-2026-11360

The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to generic SQL Injection via the 'sort_direction' parameter in all versions up to, and including, 4.0.10. This vulnerability allows authenticated attackers with shop manager-level access and above to append additional SQL queries into existing queries, potentially leading to sensitive information extraction from the database.