137 matches found
WordPress plugin Ni WooCommerce Order Export 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2024-36109 · Unknown · Ni Woocommerce Order Export
Name of the Vulnerable Software and Affected Versions: Ni WooCommerce Order Export versions 3.1.6 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential...
WordPress Ni WooCommerce Order Export plugin <= 3.1.6 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by thiennv Patchstack Alliance in WordPress Plugin Ni WooCommerce Order Export versions = 3.1.6...
CVE-2024-10828
The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.5 via deserialization of untrusted input during Order export when the "Try to convert serialized values" option is enabled. This makes it possible for...
CVE-2024-10828 Advanced Order Export For WooCommerce <= 3.5.5 - Unauthenticated PHP Object Injection via Order Details
The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.5 via deserialization of untrusted input during Order export when the "Try to convert serialized values" option is enabled. This makes it possible for...
WordPress plugin Advanced Order Export For WooCommerce 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress...
WordPress Advanced Order Export For WooCommerce plugin <= 3.5.5 - Unauthenticated PHP Object Injection vulnerability
Unauthenticated PHP Object Injection vulnerability discovered by Webbernaut in WordPress Plugin Advanced Order Export For WooCommerce versions = 3.5.5...
CVE-2024-43259
Insertion of Sensitive Information Into Sent Data vulnerability in WebFactory Order Export for WooCommerce order-export-and-more-for-woocommerce.This issue affects Order Export for WooCommerce: from n/a through = 3.23...
CVE-2024-43259
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in JEM Plugins Order Export for WooCommerce.This issue affects Order Export for WooCommerce: from n/a through 3.23...
CVE-2024-43259 WordPress Order Export for WooCommerce plugin <= 3.23 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in WebFactory Order Export for WooCommerce order-export-and-more-for-woocommerce.This issue affects Order Export for WooCommerce: from n/a through = 3.23...
CVE-2024-43259
CVE-2024-43259 affects the WordPress plugin Order Export for WooCommerce, with exposure of sensitive information to unauthorized actors in versions up to 3.23. Public sources in the connected docs confirm the issue is a data-exposure vulnerability rather than an exploit in the wild, affecting tha...
PT-2024-30421 · Woocommerce · Order Export For Woocommerce
Name of the Vulnerable Software and Affected Versions: Order Export for WooCommerce versions prior to 3.24 Description: The issue is related to the exposure of sensitive information to an unauthorized actor. This affects the Order Export for WooCommerce plugin. To remediate the issue, upgrading t...
WordPress plugin Order Export for WooCommerce 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...
WordPress Order Export for WooCommerce plugin <= 3.23 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Order Export for WooCommerce versions = 3.23...
WordPress Order Export for WooCommerce Plugin <= 3.23 is vulnerable to Sensitive Data Exposure
Software Order Export for WooCommerce Type Plugin Vulnerable versions = 3.23 Fixed in 3.24 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-43259 Patch priority Low CVSS severity Low 5.3 Developer WebFactory Ltd. PSID 49e9304e587a Credi...
CVE-2024-34751
Deserialization of Untrusted Data vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a through 2.4.9...
CVE-2024-34751
CVE-2024-34751 is a vulnerability in the WordPress plugin “Order Export & Order Import for WooCommerce” (affected: versions up to and including 2.4.9). The issue is a deserialization of untrusted data leading to an authenticated PHP Object Injection, requiring Administrator+ privileges to exploit...
WordPress Plugin Order Export & Order Import for WooCommerce 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...
WordPress Order Export & Order Import for WooCommerce plugin <= 2.4.9 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Trình Vũ / Sonicrrrr from VNPT-VCI Patchstack Alliance in WordPress Plugin Order Export & Order Import for WooCommerce versions = 2.4.9...
WordPress Order Export & Order Import for WooCommerce Plugin <= 2.4.9 is vulnerable to PHP Object Injection
Software Order Export & Order Import for WooCommerce Type Plugin Vulnerable versions = 2.4.9 Fixed in 2.5.0 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-34751 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID 6a894e737867 Credits Trình Vũ...