Summary A critical Remote Code Execution vulnerability in WooCommerce Delivery Notes <= 5.8.0 allowed attackers to inject PHP code into plugin settings. The malicious code executed when any admin or the backend printed an invoice via DomPDF, installing backdoors and creating unauthorized admin accounts. This vulnerability was publicly disclosed in December 2025 and is actively… The post Security Advisory: WooCommerce Delivery Notes RCE Exploit (CVE-2025-13773) appeared first on Gingerlime.
No comments yet. Log in to reply on the Fediverse. Comments will appear here.