Advanced Order Export For Woocommerce

Source repositories

https://plugins.svn.wordpress.org/advanced-order-export-for-woocommerce/

CVEs (7)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2024-31266	WordPress Advanced Order Export For Woocommerce	Cri	0.59	9.1	0.01	Apr 25, 2024	Improper Control of Generation of Code ('Code Injection') vulnerability in AlgolPlus Advanced Order Export For WooCommerce allows Code Injection.This issue affects Advanced Order Export For WooCommerce: from n/a through 3.4.4.
CVE-2021-24169	WordPress Advanced Order Export For Woocommerce		0.03	—	0.02	Apr 5, 2021	This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to reflected XSS.
CVE-2022-40128	WordPress Advanced Order Export For Woocommerce		0.00	—	0.00	Nov 8, 2022	Cross-Site Request Forgery (CSRF) vulnerability in Advanced Order Export For WooCommerce plugin <= 3.3.2 on WordPress leading to export file download.
CVE-2022-35275	WordPress Advanced Order Export For Woocommerce		0.00	—	0.00	Sep 9, 2022	Authenticated (shop manager+) Reflected Cross-Site Scripting (XSS) vulnerability in AlgolPlus Advanced Order Export For WooCommerce plugin <= 3.3.1 at WordPress.
CVE-2021-27349	WordPress Advanced Order Export For Woocommerce		0.00	—	0.00	Mar 31, 2021	Advanced Order Export before 3.1.8 for WooCommerce allows XSS, a different vulnerability than CVE-2020-11727.
CVE-2020-11727	WordPress Advanced Order Export For Woocommerce		0.00	—	0.00	May 6, 2020	A cross-site scripting (XSS) vulnerability in the AlgolPlus Advanced Order Export For WooCommerce plugin 3.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the view/settings-form.php woe_post_type parameter.
CVE-2018-11525	WordPress Advanced Order Export For Woocommerce		0.00	—	0.02	Jun 19, 2018	The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is vulnerable to CSV Injection.

CVE-2024-31266CriApr 25, 2024
WordPress
Advanced Order Export For Woocommerce
risk 0.59cvss 9.1epss 0.01
Improper Control of Generation of Code ('Code Injection') vulnerability in AlgolPlus Advanced Order Export For WooCommerce allows Code Injection.This issue affects Advanced Order Export For WooCommerce: from n/a through 3.4.4.
CVE-2021-24169Apr 5, 2021
WordPress
Advanced Order Export For Woocommerce
risk 0.03cvss —epss 0.02
This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to reflected XSS.
CVE-2022-40128Nov 8, 2022
WordPress
Advanced Order Export For Woocommerce
risk 0.00cvss —epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Advanced Order Export For WooCommerce plugin <= 3.3.2 on WordPress leading to export file download.
CVE-2022-35275Sep 9, 2022
WordPress
Advanced Order Export For Woocommerce
risk 0.00cvss —epss 0.00
Authenticated (shop manager+) Reflected Cross-Site Scripting (XSS) vulnerability in AlgolPlus Advanced Order Export For WooCommerce plugin <= 3.3.1 at WordPress.
CVE-2021-27349Mar 31, 2021
WordPress
Advanced Order Export For Woocommerce
risk 0.00cvss —epss 0.00
Advanced Order Export before 3.1.8 for WooCommerce allows XSS, a different vulnerability than CVE-2020-11727.
CVE-2020-11727May 6, 2020
WordPress
Advanced Order Export For Woocommerce
risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability in the AlgolPlus Advanced Order Export For WooCommerce plugin 3.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the view/settings-form.php woe_post_type parameter.
CVE-2018-11525Jun 19, 2018
WordPress
Advanced Order Export For Woocommerce
risk 0.00cvss —epss 0.02
The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is vulnerable to CSV Injection.