7 matches found
CVE-2021-24169
The CVE-2021-24169 entry concerns the WordPress plugin “Advanced Order Export For WooCommerce” (before 3.1.8). Affected component: the admin panel tab parameter; root cause is an authenticated reflected XSS vulnerability. Impact statements in connected docs indicate that an attacker authenticated...
CVE-2020-11727
CVE-2020-11727 affects the AlgolPlus Advanced Order Export For WooCommerce plugin for WordPress (version 3.1.3). The XSS vulnerability arises in view/settings-form.php via the woe_post_type parameter, allowing remote attackers to inject arbitrary scripts/HTML. The provided sources describe the is...
CVE-2024-10828
CVE-2024-10828 affects the WordPress plugin Advanced Order Export For WooCommerce (
CVE-2022-35275
Affected software: AlgolPlus Advanced Order Export For WooCommerce plugin (WordPress) versions ≤ 3.3.1. Issue: Authenticated user (shop manager+) can trigger a Reflected Cross-Site Scripting (XSS) vulnerability due to improper input handling. Impact: XSS could affect authenticated sessions and po...
CVE-2018-11525
CVE-2018-11525 affects the WordPress plugin Advanced Order Export For WooCommerce (versions ≤ 1.5.4). The vulnerability is a CSV Injection in exported order data, allowing an attacker to inject commands through form fields. Documentation indicates that when a user with higher privileges exports d...
CVE-2022-40128
CVE-2022-40128 is a CSRF vulnerability in the WordPress plugin Advanced Order Export For WooCommerce (versions
CVE-2021-27349
The CVE-2021-27349 entry concerns the WordPress WooCommerce Order Export (Advanced Order Export) plugin vulnerable to Cross-Site Scripting (XSS) in versions before 3.1.8. Multiple connected sources (CNVD-2021-27800, CNVD-2020-27077, NVD CVE-2021-27349 entry) describe XSS in this plugin; CNVD note...