cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forexport-woocommerce export-woocommerce

Direction: descending
Oct 11, 2024

Products, Order & Customers Export for WooCommerce # CVE-2024-9377

CVE, Research URL

CVE-2024-9377

Home page URL

Security reports for Products, Order & Customers Export for WooCommerce

Application

Products, Order & Customers Export for WooCommerce

Date
Oct 10, 2024
Research Description
The Products, Order & Customers Export for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.0.15. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions
max 2.1.0.
Status
vulnerable
Aug 12, 2024

Products, Order & Customers Export for WooCommerce # CVE-2024-43127

CVE, Research URL

CVE-2024-43127

Home page URL

Security reports for Products, Order & Customers Export for WooCommerce

Application

Products, Order & Customers Export for WooCommerce

Date
Aug 13, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPFactory Products, Order & Customers Export for WooCommerce allows Reflected XSS.This issue affects Products, Order & Customers Export for WooCommerce: from n/a through 2.0.11.
Affected versions
max 2.0.12.
Status
vulnerable
Jun 07, 2024

Products, Order & Customers Export for WooCommerce # CVE-2023-47547

CVE, Research URL

CVE-2023-47547

Home page URL

Security reports for Products, Order & Customers Export for WooCommerce

Application

Products, Order & Customers Export for WooCommerce

Date
Nov 15, 2023
Research Description
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPFactory Products, Order & Customers Export for WooCommerce plugin <= 2.0.7 versions.
Affected versions
max 2.0.9.
Status
vulnerable

Products, Order &amp; Customers Export for WooCommerce # CVE-2024-31276

CVE, Research URL

CVE-2024-31276

Home page URL

Security reports for Products, Order &amp; Customers Export for WooCommerce

Application

Products, Order &amp; Customers Export for WooCommerce

Date
Jun 10, 2024
Research Description
Missing Authorization vulnerability in WPFactory Products, Order & Customers Export for WooCommerce.This issue affects Products, Order & Customers Export for WooCommerce: from n/a through 2.0.8.
Affected versions
max 2.0.9.
Status
vulnerable