cleantalk
Vulnerabilities and Security Researches

Smart Online Order for Clover, CVE-2026-42738

CVE, Research URL

CVE-2026-42738

Home page URL

Security reports for Smart Online Order for Clover

Application

Smart Online Order for Clover

Published on
May 27, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Stored XSS.This issue affects Smart Online Order for Clover: from n/a through <= 1.6.0.
Affected versions
max 1.6.1.
Status
vulnerable
Previous vulnerability researches
Simple GDPR Cookie Compliance (CVE-2026-24604) , Jan 27, 2026
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2019-25143) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (7d5b4ba83a5c6004460bf267fe534a359e1416b0) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2023-4013) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2025-1621) , Mar 14, 2025
New vulnerability
Breeze &#8211; WordPress Cache Plugin (CVE-2026-2128) , May 30, 2026
Frontend Admin by DynamiApps (CVE-2026-6226) , May 30, 2026
Frontend Admin by DynamiApps (CVE-2026-7802) , May 30, 2026
EventPress (CVE-2026-6268) , May 30, 2026
WPComplete (CVE-2026-42750) , May 30, 2026