Lucene search
K
AlgolplusAdvanced Order Export For Woocommerce

7 matches found

CVE
CVE
added 2021/04/05 6:27 p.m.127 views

CVE-2021-24169

The CVE-2021-24169 entry concerns the WordPress plugin “Advanced Order Export For WooCommerce” (before 3.1.8). Affected component: the admin panel tab parameter; root cause is an authenticated reflected XSS vulnerability. Impact statements in connected docs indicate that an attacker authenticated...

6.1CVSS6.1AI score0.10348EPSS
Web
CVE
CVE
added 2020/05/06 5:27 p.m.94 views

CVE-2020-11727

CVE-2020-11727 affects the AlgolPlus Advanced Order Export For WooCommerce plugin for WordPress (version 3.1.3). The XSS vulnerability arises in view/settings-form.php via the woe_post_type parameter, allowing remote attackers to inject arbitrary scripts/HTML. The provided sources describe the is...

6.1CVSS5.9AI score0.01955EPSS
Web
CVE
CVE
added 2024/11/13 3:20 a.m.82 views

CVE-2024-10828

CVE-2024-10828 affects the WordPress plugin Advanced Order Export For WooCommerce (

9.8CVSS9AI score0.01406EPSS
CVE
CVE
added 2022/09/09 2:39 p.m.76 views

CVE-2022-35275

Affected software: AlgolPlus Advanced Order Export For WooCommerce plugin (WordPress) versions ≤ 3.3.1. Issue: Authenticated user (shop manager+) can trigger a Reflected Cross-Site Scripting (XSS) vulnerability due to improper input handling. Impact: XSS could affect authenticated sessions and po...

4.8CVSS4.9AI score0.00437EPSS
CVE
CVE
added 2018/06/19 7:0 p.m.73 views

CVE-2018-11525

CVE-2018-11525 affects the WordPress plugin Advanced Order Export For WooCommerce (versions ≤ 1.5.4). The vulnerability is a CSV Injection in exported order data, allowing an attacker to inject commands through form fields. Documentation indicates that when a user with higher privileges exports d...

7.8CVSS7.5AI score0.05209EPSS
CVE
CVE
added 2022/11/08 6:15 p.m.72 views

CVE-2022-40128

CVE-2022-40128 is a CSRF vulnerability in the WordPress plugin Advanced Order Export For WooCommerce (versions

6.5CVSS5.4AI score0.00313EPSS
CVE
CVE
added 2021/03/31 9:34 p.m.61 views

CVE-2021-27349

The CVE-2021-27349 entry concerns the WordPress WooCommerce Order Export (Advanced Order Export) plugin vulnerable to Cross-Site Scripting (XSS) in versions before 3.1.8. Multiple connected sources (CNVD-2021-27800, CNVD-2020-27077, NVD CVE-2021-27349 entry) describe XSS in this plugin; CNVD note...

6.1CVSS6.1AI score0.00776EPSS