Lucene search
+L

137 matches found

NVD
NVD
added 2024/04/25 9:15 a.m.39 views

CVE-2024-31266

Improper Control of Generation of Code 'Code Injection' vulnerability in AlgolPlus Advanced Order Export For WooCommerce allows Code Injection.This issue affects Advanced Order Export For WooCommerce: from n/a through 3.4.4...

9.1CVSS9.4AI score0.00691EPSS
Exploits0References1
CVE
CVE
added 2024/04/25 8:43 a.m.92 views

CVE-2024-31266

CVE-2024-31266 is an authenticated remote code execution vulnerability in the WordPress plugin Advanced Order Export For WooCommerce (

9.1CVSS8.6AI score0.00691EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/25 12:0 a.m.8 views

PT-2024-23910 · Woocommerce · Algolplus Advanced Order Export For Woocommerce

Name of the Vulnerable Software and Affected Versions: AlgolPlus Advanced Order Export For WooCommerce versions 3.4.4 and earlier Description: The issue is related to improper control of code generation, allowing code injection. This can potentially lead to unauthorized access or execution of...

9.1CVSS9.7AI score0.00691EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/04/05 7:59 a.m.6 views

WordPress Advanced Order Export For WooCommerce plugin <= 3.4.4 - Remote Code Execution vulnerability

Remote Code Execution vulnerability discovered by movrment Patchstack Alliance in WordPress Plugin Advanced Order Export For WooCommerce versions = 3.4.4...

9.1CVSS7.5AI score0.00691EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/01/24 12:15 p.m.4 views

CVE-2024-22135

Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a through 2.4.3...

7.2CVSS5.8AI score0.00525EPSS
Exploits0References1
Prion
Prion
added 2024/01/24 12:15 p.m.16 views

Unrestricted file upload

Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a through 2.4.3...

5.8CVSS7.2AI score0.00525EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/24 11:51 a.m.50 views

CVE-2024-22135

CVE-2024-22135 affects the WordPress plugin Order Export & Order Import for WooCommerce (

8CVSS7.5AI score0.00525EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/01/24 12:0 a.m.6 views

WordPress plugin Order Export & Order Import for WooCommerce Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

8CVSS7.2AI score0.00525EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/11/07 12:0 a.m.9 views

PrestaShop Advanced Export Products Orders Cron CSV Excel Security Vulnerability

PrestaShop SmartSoft Advanced Export is a PrestaShop order export module from PrestaShop. A security vulnerability exists in PrestaShop Advanced Export Products Orders Cron CSV Excel prior to v4.4.7, which stems from a vulnerability that allows an unauthenticated attacker to arbitrarily download...

7.5CVSS6.6AI score0.00608EPSS
Exploits0References2
NVD
NVD
added 2023/07/01 6:15 a.m.16 views

CVE-2020-36748

The Dokan plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.8. This is due to missing or incorrect nonce validation on the handleorderexport function. This makes it possible for unauthenticated attackers to trigger an order export via a forged...

4.3CVSS4.2AI score0.00464EPSS
Exploits1References9
OSV
OSV
added 2023/07/01 6:15 a.m.6 views

CVE-2020-36748

The Dokan plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.8. This is due to missing or incorrect nonce validation on the handleorderexport function. This makes it possible for unauthenticated attackers to trigger an order export via a forged...

4.3CVSS5.5AI score
Exploits0References9
Prion
Prion
added 2023/07/01 6:15 a.m.24 views

Cross site request forgery (csrf)

The Dokan plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.8. This is due to missing or incorrect nonce validation on the handleorderexport function. This makes it possible for unauthenticated attackers to trigger an order export via a forged...

4.3CVSS4.3AI score0.00464EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2023/07/01 5:33 a.m.19 views

CVE-2020-36748 Dokan <= 3.0.8 - Cross-Site Request Forgery Bypass

The Dokan plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.8. This is due to missing or incorrect nonce validation on the handleorderexport function. This makes it possible for unauthenticated attackers to trigger an order export via a forged...

4.3CVSS4.3AI score0.00464EPSS
Exploits1References9
CNNVD
CNNVD
added 2023/07/01 12:0 a.m.7 views

WordPress Plugin Dokan 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

4.3CVSS5AI score0.00464EPSS
Exploits1References11
OSV
OSV
added 2022/11/08 7:15 p.m.4 views

CVE-2022-40128

Cross-Site Request Forgery CSRF vulnerability in Advanced Order Export For WooCommerce plugin = 3.3.2 on WordPress leading to export file download...

6.5CVSS5.8AI score0.00313EPSS
Exploits0References2
CVE
CVE
added 2022/11/08 6:15 p.m.79 views

CVE-2022-40128

CVE-2022-40128 is a CSRF vulnerability in the WordPress plugin Advanced Order Export For WooCommerce (versions

6.5CVSS5.4AI score0.00313EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/08 12:0 a.m.5 views

PT-2022-25229 · WordPress · Advanced Order Export For Woocommerce

Name of the Vulnerable Software and Affected Versions: Advanced Order Export For WooCommerce plugin versions = 3.3.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability, which can lead to the download of export files. This occurs in the Advanced Order Export For...

6.5CVSS7.3AI score0.00313EPSS
Exploits0References5
WPVulnDB
WPVulnDB
added 2022/10/20 12:0 a.m.16 views

Advanced Order Export For WooCommerce < 3.3.3 - Export Files via CSRF

The plugin does not have CSRF check when exporting files, which could allow attackers to make a logged in admin perform such action via a CSRF attack...

6.5CVSS4.6AI score0.00313EPSS
Exploits0Affected Software1
NVD
NVD
added 2022/09/09 3:15 p.m.27 views

CVE-2022-35275

Authenticated shop manager+ Reflected Cross-Site Scripting XSS vulnerability in AlgolPlus Advanced Order Export For WooCommerce plugin = 3.3.1 at WordPress...

4.8CVSS0.00454EPSS
Exploits0References2
OSV
OSV
added 2022/09/09 3:15 p.m.4 views

CVE-2022-35275

Authenticated shop manager+ Reflected Cross-Site Scripting XSS vulnerability in AlgolPlus Advanced Order Export For WooCommerce plugin = 3.3.1 at WordPress...

4.8CVSS5.8AI score0.00454EPSS
Exploits0References2
Rows per page
Query Builder