Lucene search
K

137 matches found

CNNVD
CNNVD
added 2024/12/13 12:0 a.m.2 views

WordPress plugin Ni WooCommerce Order Export 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS7.7AI score0.0041EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/13 12:0 a.m.3 views

PT-2024-36109 · Unknown · Ni Woocommerce Order Export

Name of the Vulnerable Software and Affected Versions: Ni WooCommerce Order Export versions 3.1.6 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential...

7.1CVSS7.1AI score0.0041EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/12/05 8:20 p.m.3 views

WordPress Ni WooCommerce Order Export plugin <= 3.1.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by thiennv Patchstack Alliance in WordPress Plugin Ni WooCommerce Order Export versions = 3.1.6...

7.1CVSS6.1AI score0.0041EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/11/13 4:15 a.m.15 views

CVE-2024-10828

The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.5 via deserialization of untrusted input during Order export when the "Try to convert serialized values" option is enabled. This makes it possible for...

9.8CVSS0.01406EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/13 3:20 a.m.20 views

CVE-2024-10828 Advanced Order Export For WooCommerce <= 3.5.5 - Unauthenticated PHP Object Injection via Order Details

The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.5 via deserialization of untrusted input during Order export when the "Try to convert serialized values" option is enabled. This makes it possible for...

8.1CVSS0.01406EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/11/13 12:0 a.m.5 views

WordPress plugin Advanced Order Export For WooCommerce 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress...

9.8CVSS8.3AI score0.01406EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/11/12 6:50 p.m.6 views

WordPress Advanced Order Export For WooCommerce plugin <= 3.5.5 - Unauthenticated PHP Object Injection vulnerability

Unauthenticated PHP Object Injection vulnerability discovered by Webbernaut in WordPress Plugin Advanced Order Export For WooCommerce versions = 3.5.5...

9.8CVSS7.3AI score0.01406EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/08/26 9:15 p.m.39 views

CVE-2024-43259

Insertion of Sensitive Information Into Sent Data vulnerability in WebFactory Order Export for WooCommerce order-export-and-more-for-woocommerce.This issue affects Order Export for WooCommerce: from n/a through = 3.23...

7.5CVSS0.0037EPSS
Exploits0References1
OSV
OSV
added 2024/08/26 9:15 p.m.3 views

CVE-2024-43259

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in JEM Plugins Order Export for WooCommerce.This issue affects Order Export for WooCommerce: from n/a through 3.23...

7.5CVSS5.8AI score0.0037EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/26 8:13 p.m.15 views

CVE-2024-43259 WordPress Order Export for WooCommerce plugin <= 3.23 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in WebFactory Order Export for WooCommerce order-export-and-more-for-woocommerce.This issue affects Order Export for WooCommerce: from n/a through = 3.23...

5.3CVSS5.2AI score0.0037EPSS
Exploits0References1
CVE
CVE
added 2024/08/26 8:13 p.m.51 views

CVE-2024-43259

CVE-2024-43259 affects the WordPress plugin Order Export for WooCommerce, with exposure of sensitive information to unauthorized actors in versions up to 3.23. Public sources in the connected docs confirm the issue is a data-exposure vulnerability rather than an exploit in the wild, affecting tha...

7.5CVSS5.9AI score0.0037EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/26 12:0 a.m.8 views

PT-2024-30421 · Woocommerce · Order Export For Woocommerce

Name of the Vulnerable Software and Affected Versions: Order Export for WooCommerce versions prior to 3.24 Description: The issue is related to the exposure of sensitive information to an unauthorized actor. This affects the Order Export for WooCommerce plugin. To remediate the issue, upgrading t...

7.5CVSS6.4AI score0.0037EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/08/26 12:0 a.m.2 views

WordPress plugin Order Export for WooCommerce 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

7.5CVSS5.9AI score0.0037EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/08/12 1:27 p.m.5 views

WordPress Order Export for WooCommerce plugin <= 3.23 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Order Export for WooCommerce versions = 3.23...

7.5CVSS7AI score0.0037EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/12 12:0 a.m.9 views

WordPress Order Export for WooCommerce Plugin <= 3.23 is vulnerable to Sensitive Data Exposure

Software Order Export for WooCommerce Type Plugin Vulnerable versions = 3.23 Fixed in 3.24 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-43259 Patch priority Low CVSS severity Low 5.3 Developer WebFactory Ltd. PSID 49e9304e587a Credi...

7.5CVSS6.6AI score0.0037EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/05/16 4:15 p.m.18 views

CVE-2024-34751

Deserialization of Untrusted Data vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a through 2.4.9...

4.4CVSS5.2AI score0.00244EPSS
Exploits0References1
CVE
CVE
added 2024/05/16 3:47 p.m.61 views

CVE-2024-34751

CVE-2024-34751 is a vulnerability in the WordPress plugin “Order Export & Order Import for WooCommerce” (affected: versions up to and including 2.4.9). The issue is a deserialization of untrusted data leading to an authenticated PHP Object Injection, requiring Administrator+ privileges to exploit...

4.4CVSS6.8AI score0.00244EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/16 12:0 a.m.5 views

WordPress Plugin Order Export & Order Import for WooCommerce 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

4.4CVSS6.9AI score0.00244EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/05/14 1:16 p.m.4 views

WordPress Order Export & Order Import for WooCommerce plugin <= 2.4.9 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Trình Vũ / Sonicrrrr from VNPT-VCI Patchstack Alliance in WordPress Plugin Order Export & Order Import for WooCommerce versions = 2.4.9...

4.4CVSS7.3AI score0.00244EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/05/14 12:0 a.m.15 views

WordPress Order Export & Order Import for WooCommerce Plugin <= 2.4.9 is vulnerable to PHP Object Injection

Software Order Export & Order Import for WooCommerce Type Plugin Vulnerable versions = 2.4.9 Fixed in 2.5.0 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-34751 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID 6a894e737867 Credits Trình Vũ...

4.4CVSS6.9AI score0.00244EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder