A vulnerability was found in bojansliskovicglscroatiacom GLS Shipping for WooCommerce Plugin up to 1.4.0 on WordPress and classified as problematic . This affects an unknown function. The manipulation of the argument failed_orders results in cross site scripting. This vulnerability is reported as CVE-2026-6417 . The attack can be launched remotely. No exploit exists.