CVE-2024-22135

Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a through 2.4.3...

Unrestricted file upload

Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a through 2.4.3...

CVE-2024-22135

CVE-2024-22135 affects the WordPress plugin Order Export & Order Import for WooCommerce (

WordPress plugin Order Export & Order Import for WooCommerce Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

PrestaShop Advanced Export Products Orders Cron CSV Excel Security Vulnerability

PrestaShop SmartSoft Advanced Export is a PrestaShop order export module from PrestaShop. A security vulnerability exists in PrestaShop Advanced Export Products Orders Cron CSV Excel prior to v4.4.7, which stems from a vulnerability that allows an unauthenticated attacker to arbitrarily download...

CVE-2020-36748

The Dokan plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.8. This is due to missing or incorrect nonce validation on the handleorderexport function. This makes it possible for unauthenticated attackers to trigger an order export via a forged...

CVE-2020-36748

The Dokan plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.8. This is due to missing or incorrect nonce validation on the handleorderexport function. This makes it possible for unauthenticated attackers to trigger an order export via a forged...

Cross site request forgery (csrf)

The Dokan plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.8. This is due to missing or incorrect nonce validation on the handleorderexport function. This makes it possible for unauthenticated attackers to trigger an order export via a forged...

CVE-2020-36748 Dokan <= 3.0.8 - Cross-Site Request Forgery Bypass

The Dokan plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.8. This is due to missing or incorrect nonce validation on the handleorderexport function. This makes it possible for unauthenticated attackers to trigger an order export via a forged...

WordPress Plugin Dokan 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

CVE-2022-40128

Cross-Site Request Forgery CSRF vulnerability in Advanced Order Export For WooCommerce plugin = 3.3.2 on WordPress leading to export file download...

CVE-2022-40128

CVE-2022-40128 is a CSRF vulnerability in the WordPress plugin Advanced Order Export For WooCommerce (versions

PT-2022-25229 · WordPress · Advanced Order Export For Woocommerce

Name of the Vulnerable Software and Affected Versions: Advanced Order Export For WooCommerce plugin versions = 3.3.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability, which can lead to the download of export files. This occurs in the Advanced Order Export For...

Advanced Order Export For WooCommerce < 3.3.3 - Export Files via CSRF

The plugin does not have CSRF check when exporting files, which could allow attackers to make a logged in admin perform such action via a CSRF attack...

CVE-2022-35275

Authenticated shop manager+ Reflected Cross-Site Scripting XSS vulnerability in AlgolPlus Advanced Order Export For WooCommerce plugin = 3.3.1 at WordPress...

CVE-2022-35275

Authenticated shop manager+ Reflected Cross-Site Scripting XSS vulnerability in AlgolPlus Advanced Order Export For WooCommerce plugin = 3.3.1 at WordPress...

CVE-2022-35275

Affected software: AlgolPlus Advanced Order Export For WooCommerce plugin (WordPress) versions ≤ 3.3.1. Issue: Authenticated user (shop manager+) can trigger a Reflected Cross-Site Scripting (XSS) vulnerability due to improper input handling. Impact: XSS could affect authenticated sessions and po...

CVE-2022-35275 WordPress Advanced Order Export For WooCommerce plugin <= 3.3.1 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability

Authenticated shop manager+ Reflected Cross-Site Scripting XSS vulnerability in AlgolPlus Advanced Order Export For WooCommerce plugin = 3.3.1 at WordPress...

WordPress plugin Advanced Order Export For WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress Advanced Order Export For WooCommerce 3.1.7 Plugin - Reflected XSS Vulnerability

Exploit Title: WordPress Plugin Advanced Order Export For WooCommerce 3.1.7 - Reflected Cross-Site Scripting XSS Author: 0xB9 Software Link: https://wordpress.org/plugins/woo-order-export-lite/ Version: 3.1.7 Tested on: Windows 10 CVE: CVE-2021-24169 1. Description: This plugin helps you to easil...