Visser Store Exporter For Woocommerce vulnerabilities
4 known vulnerabilities affecting visser/store_exporter_for_woocommerce.
Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2022-0149P3MEDIUMCVSS 6.1PoCfixed in 2.7.12022-02-07
CVE-2022-0149 [MEDIUM] CWE-79 CVE-2022-0149: The WooCommerce Stored Exporter WordPress plugin before 2.7.1 was affected by a Reflected Cross-Site
The WooCommerce Stored Exporter WordPress plugin before 2.7.1 was affected by a Reflected Cross-Site Scripting (XSS) vulnerability in the woo_ce admin page.
nvd
CVE-2016-10935P3CRITICALCVSS 9.8fixed in 1.8.42019-08-27
CVE-2016-10935 [CRITICAL] CWE-264 CVE-2016-10935: The woocommerce-exporter plugin before 1.8.4 for WordPress has privilege escalation.
The woocommerce-exporter plugin before 1.8.4 for WordPress has privilege escalation.
nvd
CVE-2023-46822P4MEDIUMCVSS 6.1≤ 2.7.22023-11-06
CVE-2023-46822 [MEDIUM] CWE-79 CVE-2023-46822: Unauth. Reflected Cross-Site Scripting') vulnerability in Visser Labs Store Exporter for WooCommerce
Unauth. Reflected Cross-Site Scripting') vulnerability in Visser Labs Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More plugin <= 2.7.2 versions.
nvd
CVE-2024-8793P4MEDIUMCVSS 6.1≤ 2.7.2.12024-10-01
CVE-2024-8793 [MEDIUM] CWE-79 CVE-2024-8793: The Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More
The Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.7.2.1. This makes it possible for unauthenticated attackers to inject arbi
nvd