VYPR

Product Import Export for WooCommerce

by WordPress

CVEs (6)

  • CVE-2024-49244HigOct 17, 2024
    risk 0.55cvss 8.5epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in vrinsoft CSV Product Import Export for WooCommerce csv-wc-product-import-export.This issue affects CSV Product Import Export for WooCommerce: from n/a through <= 1.0.0.

  • CVE-2024-22152HigJan 24, 2024
    risk 0.52cvss 8.0epss 0.01

    Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Product Import Export for WooCommerce.This issue affects Product Import Export for WooCommerce: from n/a through 2.3.7.

  • CVE-2025-1913HigMar 26, 2025
    risk 0.47cvss 7.2epss 0.01

    The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.5.0 via deserialization of untrusted input from the 'form_data' parameter This makes it possible for…

  • CVE-2025-1912HigMar 26, 2025
    risk 0.42cvss 7.6epss 0.00

    The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.0 via the validate_file() Function. This makes it possible for authenticated attackers, with…

  • CVE-2025-1769MedMar 26, 2025
    risk 0.32cvss 4.9epss 0.01

    The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.5.0 via the download_file() function. This makes it possible for authenticated attackers, with…

  • CVE-2025-1911LowMar 26, 2025
    risk 0.18cvss 2.7epss 0.00

    The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the admin_log_page() function in all versions up to, and including, 2.5.0. This makes it…