Filtered by vendor Algolplus
Subscribe
Total
10 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-41655 | 1 Algolplus | 1 Phone Orders For Woocommerce | 2022-11-23 | N/A | 6.5 MEDIUM |
Auth. (subscriber+) Sensitive Data Exposure vulnerability in Phone Orders for WooCommerce plugin <= 3.7.1 on WordPress. | |||||
CVE-2022-43488 | 1 Algolplus | 1 Advanced Dynamic Pricing For Woocommerce | 2022-11-09 | N/A | 4.3 MEDIUM |
Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to rule type migration. | |||||
CVE-2022-40128 | 1 Algolplus | 1 Advanced Order Export | 2022-11-09 | N/A | 6.5 MEDIUM |
Cross-Site Request Forgery (CSRF) vulnerability in Advanced Order Export For WooCommerce plugin <= 3.3.2 on WordPress leading to export file download. | |||||
CVE-2022-43491 | 1 Algolplus | 1 Advanced Dynamic Pricing For Woocommerce | 2022-11-09 | N/A | 4.3 MEDIUM |
Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to plugin settings import. | |||||
CVE-2022-38095 | 1 Algolplus | 1 Advanced Dynamic Pricing For Woocommerce | 2022-09-26 | N/A | 4.3 MEDIUM |
Cross-Site Request Forgery (CSRF) vulnerability in AlgolPlus Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 at WordPress. | |||||
CVE-2022-35275 | 1 Algolplus | 1 Advanced Order Export | 2022-09-09 | N/A | 4.8 MEDIUM |
Authenticated (shop manager+) Reflected Cross-Site Scripting (XSS) vulnerability in AlgolPlus Advanced Order Export For WooCommerce plugin <= 3.3.1 at WordPress. | |||||
CVE-2021-24169 | 1 Algolplus | 1 Advanced Order Export | 2021-12-03 | 4.3 MEDIUM | 6.1 MEDIUM |
This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to reflected XSS. | |||||
CVE-2021-27349 | 1 Algolplus | 1 Advanced Order Export | 2021-04-02 | 4.3 MEDIUM | 6.1 MEDIUM |
Advanced Order Export before 3.1.8 for WooCommerce allows XSS, a different vulnerability than CVE-2020-11727. | |||||
CVE-2018-11525 | 1 Algolplus | 1 Advanced Order Export | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is vulnerable to CSV Injection. | |||||
CVE-2020-11727 | 1 Algolplus | 1 Advanced Order Export | 2020-05-07 | 4.3 MEDIUM | 6.1 MEDIUM |
A cross-site scripting (XSS) vulnerability in the AlgolPlus Advanced Order Export For WooCommerce plugin 3.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the view/settings-form.php woe_post_type parameter. |