CVE-2026-12136 | phppoet SysBasics Customize My Account for WooCommerce Plugin Shortcode wcmamtx_get_avatar_default cross site scripting (EUVD-2026-37859)

A vulnerability was found in phppoet SysBasics Customize My Account for WooCommerce Plugin up to 4.3.6 on WordPress. It has been declared as problematic. This affects the function wcmamtx_get_avatar_default of the component Shortcode Handler. Such manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2026-12136. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More