Sidngr Import Export For Woocommerce vulnerabilities
3 known vulnerabilities affecting sidngr/import_export_for_woocommerce.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-54262P2CRITICALCVSS 9.9≤ 1.6.22024-12-13
CVE-2024-54262 [CRITICAL] CWE-434 CVE-2024-54262: Unrestricted Upload of File with Dangerous Type vulnerability in sidngr Import Export For WooCommerc
Unrestricted Upload of File with Dangerous Type vulnerability in sidngr Import Export For WooCommerce import-export-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects Import Export For WooCommerce: from n/a through <= 1.6.2.
nvd
CVE-2025-48144P4MEDIUMCVSS 6.1≤ 1.6.22025-05-16
CVE-2025-48144 [MEDIUM] CWE-352 CVE-2025-48144: Cross-Site Request Forgery (CSRF) vulnerability in sidngr Import Export For WooCommerce import-expor
Cross-Site Request Forgery (CSRF) vulnerability in sidngr Import Export For WooCommerce import-export-for-woocommerce allows Stored XSS.This issue affects Import Export For WooCommerce: from n/a through <= 1.6.2.
nvd
CVE-2025-12389P4MEDIUMCVSS 4.3≤ 1.6.22025-11-04
CVE-2025-12389 [MEDIUM] CWE-862 CVE-2025-12389: The Import Export For WooCommerce plugin for WordPress is vulnerable to unauthorized modification of
The Import Export For WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_setting() function in all versions up to, and including, 1.6.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the plugin's record setting.
nvd