VYPR

Order Export \& Order Import For Woocommerce

by Webtoffee

CVEs (7)

  • CVE-2024-22135HigJan 24, 2024
    risk 0.52cvss 8.0epss 0.01

    Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a through 2.4.3.

  • CVE-2024-34751MedMay 16, 2024
    risk 0.29cvss 4.4epss 0.00

    Deserialization of Untrusted Data vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a through 2.4.9.

  • CVE-2025-64382MedNov 13, 2025
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in WebToffee Order Export & Order Import for WooCommerce order-import-export-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Export & Order Import for WooCommerce: from n/a…

  • CVE-2024-13920Mar 20, 2025
    risk 0.00cvss epss 0.01

    The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.6.0 via the download_file() function. This makes it possible for authenticated attackers, with Administrator-level access and above,…

  • CVE-2024-13921Mar 20, 2025
    risk 0.00cvss epss 0.01

    The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.6.0 via deserialization of untrusted input from the 'form_data' parameter. This makes it possible for authenticated attackers, with…

  • CVE-2024-13922Mar 20, 2025
    risk 0.00cvss epss 0.00

    The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the admin_log_page() function in all versions up to, and including, 2.6.0. This makes it possible for authenticated…

  • CVE-2024-13923Mar 20, 2025
    risk 0.00cvss epss 0.00

    The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.6.0 via the validate_file() function. This makes it possible for authenticated attackers, with Administrator-level access and…