137 matches found
CVE-2024-31266
Improper Control of Generation of Code 'Code Injection' vulnerability in AlgolPlus Advanced Order Export For WooCommerce allows Code Injection.This issue affects Advanced Order Export For WooCommerce: from n/a through 3.4.4...
CVE-2024-31266
CVE-2024-31266 is an authenticated remote code execution vulnerability in the WordPress plugin Advanced Order Export For WooCommerce (
PT-2024-23910 · Woocommerce · Algolplus Advanced Order Export For Woocommerce
Name of the Vulnerable Software and Affected Versions: AlgolPlus Advanced Order Export For WooCommerce versions 3.4.4 and earlier Description: The issue is related to improper control of code generation, allowing code injection. This can potentially lead to unauthorized access or execution of...
WordPress Advanced Order Export For WooCommerce plugin <= 3.4.4 - Remote Code Execution vulnerability
Remote Code Execution vulnerability discovered by movrment Patchstack Alliance in WordPress Plugin Advanced Order Export For WooCommerce versions = 3.4.4...
CVE-2024-22135
Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a through 2.4.3...
Unrestricted file upload
Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a through 2.4.3...
CVE-2024-22135
CVE-2024-22135 affects the WordPress plugin Order Export & Order Import for WooCommerce (
WordPress plugin Order Export & Order Import for WooCommerce Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...
PrestaShop Advanced Export Products Orders Cron CSV Excel Security Vulnerability
PrestaShop SmartSoft Advanced Export is a PrestaShop order export module from PrestaShop. A security vulnerability exists in PrestaShop Advanced Export Products Orders Cron CSV Excel prior to v4.4.7, which stems from a vulnerability that allows an unauthenticated attacker to arbitrarily download...
CVE-2020-36748
The Dokan plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.8. This is due to missing or incorrect nonce validation on the handleorderexport function. This makes it possible for unauthenticated attackers to trigger an order export via a forged...
CVE-2020-36748
The Dokan plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.8. This is due to missing or incorrect nonce validation on the handleorderexport function. This makes it possible for unauthenticated attackers to trigger an order export via a forged...
Cross site request forgery (csrf)
The Dokan plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.8. This is due to missing or incorrect nonce validation on the handleorderexport function. This makes it possible for unauthenticated attackers to trigger an order export via a forged...
CVE-2020-36748 Dokan <= 3.0.8 - Cross-Site Request Forgery Bypass
The Dokan plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.8. This is due to missing or incorrect nonce validation on the handleorderexport function. This makes it possible for unauthenticated attackers to trigger an order export via a forged...
WordPress Plugin Dokan 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
CVE-2022-40128
Cross-Site Request Forgery CSRF vulnerability in Advanced Order Export For WooCommerce plugin = 3.3.2 on WordPress leading to export file download...
CVE-2022-40128
CVE-2022-40128 is a CSRF vulnerability in the WordPress plugin Advanced Order Export For WooCommerce (versions
PT-2022-25229 · WordPress · Advanced Order Export For Woocommerce
Name of the Vulnerable Software and Affected Versions: Advanced Order Export For WooCommerce plugin versions = 3.3.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability, which can lead to the download of export files. This occurs in the Advanced Order Export For...
Advanced Order Export For WooCommerce < 3.3.3 - Export Files via CSRF
The plugin does not have CSRF check when exporting files, which could allow attackers to make a logged in admin perform such action via a CSRF attack...
CVE-2022-35275
Authenticated shop manager+ Reflected Cross-Site Scripting XSS vulnerability in AlgolPlus Advanced Order Export For WooCommerce plugin = 3.3.1 at WordPress...
CVE-2022-35275
Authenticated shop manager+ Reflected Cross-Site Scripting XSS vulnerability in AlgolPlus Advanced Order Export For WooCommerce plugin = 3.3.1 at WordPress...