CVE-2024-9377

The Products, Order & Customers Export for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.0.15. This makes it possible for unauthenticat...

CVE-2024-13623

The Order Export for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.24 via the 'uploads' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads...

WordPress plugin Order Export & Order Import for WooCommerce 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

WordPress WordPress Awesome Import & Export Plugin - Import & Export WordPress Data plugin <= 4.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary SQL Execution/Privilege Escalation vulnerability

WordPress WordPress Awesome Import & Export Plugin - Import & Export WordPress Data plugin = 4.1.1 - Missing Authorization to Authenticated Subscriber+ Arbitrary SQL Execution/Privilege Escalation vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin WordPress Awesome Impo...

CVE-2025-27271 WordPress DB Tables Import/Export Plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alberto Cocchiara DB Tables Import/Export db-tables-importexport allows Reflected XSS.This issue affects DB Tables Import/Export: from n/a through = 1.0.1...

WordPress DB Tables Import/Export Plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin DB Tables Import/Export versions = 1.0.1...

WordPress plugin WP ALL Export Pro 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability...

PT-2025-5987 · WordPress · Wp All Export Pro

Name of the Vulnerable Software and Affected Versions: WP ALL Export Pro plugin for WordPress versions up to, and including, 1.9.1 Description: The issue is related to the lack of input validation and sanitization of user-supplied data in the custom export fields. This allows unauthenticated...

WordPress WP All Export Pro plugin < 1.9.2 - Unauthenticated Remote Code Execution via Custom Export Fields

Unauthenticated Remote Code Execution via Custom Export Fields vulnerability discovered by ? in WordPress Plugin WP ALL Export Pro versions 1.9.2...

CVE-2024-9377

The Products, Order & Customers Export for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.0.15. This makes it possible for unauthenticat...

WordPress plugin Products, Order & Customers Export for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

CVE-2024-43259

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in JEM Plugins Order Export for WooCommerce.This issue affects Order Export for WooCommerce: from n/a through 3.23...

WordPress Order Export for WooCommerce plugin <= 3.23 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Order Export for WooCommerce versions = 3.23...

WordPress Template Kit – Export Plugin <= 1.0.23 is vulnerable to Cross Site Scripting (XSS)

Software Template Kit – Export Type Plugin Vulnerable versions = 1.0.23 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37550 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 393ac04c5e97 Credits Mahesh Nagabhairava Required...

WordPress Export WP Page to Static HTML/CSS plugin <= 2.2.2 - Open Redirect vulnerability

Open Redirect vulnerability discovered by Krzysztof Zając in WordPress Plugin Export WP Page to Static HTML/CSS versions = 2.2.2...

WordPress plugin Import and export users and customers 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Import...

WordPress Import and export users and customers plugin <= 1.26.6.1 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by quanhx hxx in WordPress Plugin Import and export users and customers versions = 1.26.6.1...

CVE-2023-6624

The Import and export users and customers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.24.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2023-6369

The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple AJAX actions in all versions up to, and including, 2.1.9. This makes it possible for authenticated attackers, with...

PT-2024-15027 · WordPress · Import/Export Users/Customers Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: Import and export users and customers plugin for WordPress versions up to, and including, 1.24.3 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping on user-supplied...