HIGH
Flintop
CVE published 2026-07-13
CVE-2026-57396
A Stored XSS vulnerability was found in the Free Gifts for WooCommerce plugin, affecting versions from n/a through 13.1.0. The vulnerability has a CVSS score of 7.1 and a HIGH severity rating. This issue allows attackers to inject malicious scripts, potentially leading to unauthorized actions on behalf of authenticated users. Users of Free Gifts for WooCommerce, especially those with untrusted users uploa [truncated]