algolplus advanced_order_export_for_woocommerce CVE 漏洞(7)

CVE 數: 7 CPE versions: View versions table

摘要

本頁列出影響 algolplus advanced_order_export_for_woocommerce 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。

顯示 177 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2024-10828 The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.5 via deserialization of untrusted input during Order export when the "Try to convert serialized values" option is enabled. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the rig [email protected] 8.1 1.41% 2024-11-12 2026-06-17
CVE-2022-40128 Cross-Site Request Forgery (CSRF) vulnerability in Advanced Order Export For WooCommerce plugin <= 3.3.2 on WordPress leading to export file download. [email protected] 4.3 0.31% 2022-11-08 2026-06-17
CVE-2022-35275 Authenticated (shop manager+) Reflected Cross-Site Scripting (XSS) vulnerability in AlgolPlus Advanced Order Export For WooCommerce plugin <= 3.3.1 at WordPress. [email protected] 4.8 0.45% 2022-09-09 2026-06-17
CVE-2021-24169 This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to reflected XSS. [email protected] 6.1 10.35% 2021-04-05 2026-06-16
CVE-2021-27349 Advanced Order Export before 3.1.8 for WooCommerce allows XSS, a different vulnerability than CVE-2020-11727. [email protected] 6.1 0.78% 2021-03-31 2026-06-16
CVE-2020-11727 A cross-site scripting (XSS) vulnerability in the AlgolPlus Advanced Order Export For WooCommerce plugin 3.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the view/settings-form.php woe_post_type parameter. [email protected] 6.1 1.96% 2020-05-06 2026-06-16
CVE-2018-11525 The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is vulnerable to CSV Injection. [email protected] 7.8 5.21% 2018-06-19 2026-06-16
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence