Vulnerabilities and security researches forwooexim wooexim

Jan 09, 2025

CVE, Research URL: CVE-2025-22533
Home page URL: Security reports for WOOEXIM – WooCommerce Export Import Plugin
Application: WOOEXIM – WooCommerce Export Import Plugin
Date: Jan 07, 2025
Research Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WOOEXIM.COM WOOEXIM allows SQL Injection.This issue affects WOOEXIM: from n/a through 5.0.0.
Affected versions: Min -, max -.
Status: vulnerable

Jan 24, 2025

CVE, Research URL: CVE-2025-23944
Home page URL: Security reports for WOOEXIM – WooCommerce Export Import Plugin
Application: WOOEXIM – WooCommerce Export Import Plugin
Date: Jan 22, 2025
Research Description: Deserialization of Untrusted Data vulnerability in WOOEXIM.COM WOOEXIM allows Object Injection. This issue affects WOOEXIM: from n/a through 5.0.0.
Affected versions: Min -, max -.
Status: vulnerable

May 19, 2025

CVE, Research URL: CVE-2025-1288
Home page URL: Security reports for WOOEXIM – WooCommerce Export Import Plugin
Application: WOOEXIM – WooCommerce Export Import Plugin
Date: May 16, 2025
Research Description: The WOOEXIM WordPress plugin through 5.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make an unauthenticated user vulnerable to reflected XSS via a CSRF attack.
Affected versions: Min -, max -.
Status: vulnerable