Lucene search
K

14 matches found

Cvelist
Cvelist
added 2026/05/27 11:53 a.m.37 views

CVE-2026-48971 WordPress Product Import Export for WooCommerce plugin <= 2.5.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in WebToffee Product Import Export for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Product Import Export for WooCommerce: from n/a through 2.5.6...

4.3CVSS0.00231EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-15510

Malicious code in bioql PyPI...

7.1CVSS7.6AI score0.00116EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/18 4:2 p.m.13 views

CVE-2025-48144

Cross-Site Request Forgery CSRF vulnerability in sidngr Import Export For WooCommerce import-export-for-woocommerce allows Stored XSS.This issue affects Import Export For WooCommerce: from n/a through = 1.6.2...

7.1CVSS7.2AI score0.00116EPSS
Exploits0References1
NVD
NVD
added 2025/05/16 4:15 p.m.11 views

CVE-2025-48144

Cross-Site Request Forgery CSRF vulnerability in sidngr Import Export For WooCommerce import-export-for-woocommerce allows Stored XSS.This issue affects Import Export For WooCommerce: from n/a through = 1.6.2...

7.1CVSS0.00116EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/16 3:45 p.m.16 views

CVE-2025-48144 WordPress Import Export For WooCommerce plugin <= 1.6.2 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in sidngr Import Export For WooCommerce import-export-for-woocommerce allows Stored XSS.This issue affects Import Export For WooCommerce: from n/a through = 1.6.2...

7.1CVSS0.00116EPSS
Exploits0References1
CVE
CVE
added 2025/05/16 3:45 p.m.27 views

CVE-2025-48144

CVE-2025-48144 is a CSRF-to-Stored XSS vulnerability in the WordPress plugin “Import Export For WooCommerce” affecting versions up to 1.6.2. Public sources in the provided documents confirm a Cross-Site Request Forgery vulnerability that enables Stored XSS, but no patched version or mitigation is...

7.1CVSS7.2AI score0.00116EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/16 3:45 p.m.9 views

CVE-2025-48144 WordPress Import Export For WooCommerce plugin <= 1.6.2 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in sidngr Import Export For WooCommerce allows Stored XSS. This issue affects Import Export For WooCommerce: from n/a through 1.6.2...

7.1CVSS6.8AI score0.00116EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/16 12:0 a.m.4 views

WordPress plugin Import Export For WooCommerce 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in...

7.1CVSS7.2AI score0.00116EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2025/01/17 11:13 a.m.279 views

Exploit for CVE-2024-54262

CVE-2024-54262 Exploit CVE-2024-54262: Arbitrary File Upload i...

9.9CVSS9.8AI score0.01402EPSS
Exploits2
NVD
NVD
added 2024/12/13 3:15 p.m.14 views

CVE-2024-54262

Unrestricted Upload of File with Dangerous Type vulnerability in sidngr Import Export For WooCommerce import-export-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects Import Export For WooCommerce: from n/a through = 1.6.2...

9.9CVSS0.01402EPSS
Exploits2References1
CVE
CVE
added 2024/12/13 2:24 p.m.92 views

CVE-2024-54262

CVE-2024-54262 concerns the WordPress plugin Import Export For WooCommerce (versions up to 1.5). The vulnerability is described as Unrestricted Upload of File with Dangerous Type, enabling an attacker to upload a web shell to the web server. Public sources (Red Hat advisory) corroborate the same ...

9.9CVSS7.2AI score0.01402EPSS
Exploits2References1
CVE
CVE
added 2024/10/17 5:33 p.m.47 views

CVE-2024-49244

CVE-2024-49244 describes a SQL Injection in the cmssoft CSV Product Import Export for WooCommerce plugin, affecting versions 1.0.0 and earlier. The vulnerability stems from improper sanitization of input used in SQL commands. Public records (NVD, Red Hat, Patchstack) list the vulnerability with C...

8.5CVSS5.9AI score0.00384EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/26 8:13 p.m.15 views

CVE-2024-43259 WordPress Order Export for WooCommerce plugin <= 3.23 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in WebFactory Order Export for WooCommerce order-export-and-more-for-woocommerce.This issue affects Order Export for WooCommerce: from n/a through = 3.23...

5.3CVSS5.2AI score0.0037EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/26 12:0 a.m.6 views

PT-2024-23277 · Webtoffee · Product Import Export For Woocommerce

Name of the Vulnerable Software and Affected Versions: Product Import Export for WooCommerce versions n/a through 2.4.1 Description: The issue is related to an Unrestricted Upload of File with Dangerous Type, which affects the WebToffee Product Import Export for WooCommerce. Recommendations: For...

9.1CVSS9.5AI score0.00603EPSS
Exploits0References6
Rows per page
Query Builder