Lucene search
+L

137 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:36 p.m.11 views

CVE-2020-36748

The Dokan plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.8. This is due to missing or incorrect nonce validation on the handleorderexport function. This makes it possible for unauthenticated attackers to trigger an order export via a forged...

4.3CVSS6.5AI score0.00464EPSS
Exploits1References1
OSV
OSV
added 2025/03/20 12:15 p.m.3 views

CVE-2024-13921

The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.6.0 via deserialization of untrusted input from the 'formdata' parameter. This makes it possible for authenticated attackers, with Administrator-level...

7.2CVSS7.5AI score0.00648EPSS
Exploits0References5
OSV
OSV
added 2025/03/20 12:15 p.m.6 views

CVE-2024-13920

The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.6.0 via the downloadfile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents ...

4.9CVSS5.9AI score0.00713EPSS
Exploits0References4
OSV
OSV
added 2025/03/20 12:15 p.m.6 views

CVE-2024-13923

The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.6.0 via the validatefile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web...

6.5CVSS5.8AI score0.00363EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/03/20 11:11 a.m.13 views

CVE-2024-13920 Order Export & Order Import for WooCommerce <= 2.6.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function

The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.6.0 via the downloadfile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents ...

4.9CVSS4.9AI score0.00713EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/03/20 2:47 a.m.7 views

WordPress Order Export & Order Import for WooCommerce plugin <= 2.6.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function vulnerability

Directory Traversal to Authenticated Administrator+ Limited Arbitrary File Read via downloadfile Function vulnerability discovered by HayMiz in WordPress Plugin Order Export & Order Import for WooCommerce versions = 2.6.0...

4.9CVSS9AI score0.00713EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/03/20 2:46 a.m.10 views

WordPress Order Export & Order Import for WooCommerce plugin <= 2.6.0 - Authenticated (Admin+) PHP Object Injection via form_data Parameter vulnerability

Authenticated Admin+ PHP Object Injection via formdata Parameter vulnerability discovered by HayMiz in WordPress Plugin Order Export & Order Import for WooCommerce versions = 2.6.0...

7.2CVSS9.2AI score0.00648EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.6 views

WordPress plugin Order Export & Order Import for WooCommerce 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

4.9CVSS8.8AI score0.00713EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.3 views

WordPress plugin Order Export & Order Import for WooCommerce 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

7.6CVSS8.9AI score0.00363EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.3 views

WordPress plugin Order Export & Order Import for WooCommerce 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

7.2CVSS9AI score0.00648EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/02/05 4:14 a.m.6 views

CVE-2024-54231

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anzar Ahmed Ni WooCommerce Order Export ni-woocommerce-order-export allows Reflected XSS.This issue affects Ni WooCommerce Order Export: from n/a through = 3.1.6...

7.1CVSS7.2AI score0.00418EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:25 a.m.17 views

CVE-2024-31266

Improper Control of Generation of Code 'Code Injection' vulnerability in AlgolPlus Advanced Order Export For WooCommerce allows Code Injection.This issue affects Advanced Order Export For WooCommerce: from n/a through 3.4.4...

9.1CVSS8.6AI score0.00691EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:47 p.m.13 views

CVE-2024-22135

Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a through 2.4.3...

8CVSS7.5AI score0.00525EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/31 9:3 a.m.6 views

WordPress Order Export for WooCommerce plugin <= 3.24 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory vulnerability

Unauthenticated Sensitive Information Exposure Through Unprotected Directory vulnerability discovered by Tim Coen in WordPress Plugin Order Export for WooCommerce versions = 3.24...

5.9CVSS6.9AI score0.00451EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/01/31 12:0 a.m.7 views

WordPress plugin Order Export for WooCommerce 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

5.9CVSS8.4AI score0.00451EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/31 12:0 a.m.8 views

PT-2025-2232 · WordPress · Order Export For Woocommerce

Name of the Vulnerable Software and Affected Versions: Order Export for WooCommerce plugin for WordPress versions up to, and including, 3.24 Description: The issue allows unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory, which can contain...

5.9CVSS9.5AI score0.00451EPSS
Exploits0References7
NVD
NVD
added 2024/12/13 3:15 p.m.15 views

CVE-2024-54231

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anzar Ahmed Ni WooCommerce Order Export ni-woocommerce-order-export allows Reflected XSS.This issue affects Ni WooCommerce Order Export: from n/a through = 3.1.6...

7.1CVSS0.00418EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/13 2:24 p.m.28 views

CVE-2024-54231 WordPress Ni WooCommerce Order Export plugin <= 3.1.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anzar Ahmed Ni WooCommerce Order Export ni-woocommerce-order-export allows Reflected XSS.This issue affects Ni WooCommerce Order Export: from n/a through = 3.1.6...

7.1CVSS0.00418EPSS
Exploits0References1
CVE
CVE
added 2024/12/13 2:24 p.m.44 views

CVE-2024-54231

CVE-2024-54231 refers to a WordPress vulnerability in the Ni WooCommerce Order Export plugin (versions

7.1CVSS7.2AI score0.00418EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/13 2:24 p.m.6 views

CVE-2024-54231 WordPress Ni WooCommerce Order Export plugin <= 3.1.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anzar Ahmed Ni WooCommerce Order Export ni-woocommerce-order-export allows Reflected XSS.This issue affects Ni WooCommerce Order Export: from n/a through = 3.1.6...

7.1CVSS8.6AI score0.00418EPSS
Exploits0References1
Rows per page
Query Builder