All the vulnerabilites related to Unknown - Advanced Order Export For WooCommerce
cve-2021-24169
Vulnerability from cvelistv5
Published
2021-04-05 18:27
Modified
2024-08-03 19:21
Severity ?
EPSS score ?
Summary
This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to reflected XSS.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Unknown | Advanced Order Export For WooCommerce |
Version: 3.1.8 < 3.1.8 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:21:18.795Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/09681a6c-57b8-4448-982a-fe8d28c87fc3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164263/WordPress-Advanced-Order-Export-For-WooCommerce-3.1.7-Cross-Site-Scripting.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Advanced Order Export For WooCommerce",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.1.8",
"status": "affected",
"version": "3.1.8",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "0xB9"
}
],
"descriptions": [
{
"lang": "en",
"value": "This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to reflected XSS."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T16:06:12",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wpscan.com/vulnerability/09681a6c-57b8-4448-982a-fe8d28c87fc3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164263/WordPress-Advanced-Order-Export-For-WooCommerce-3.1.7-Cross-Site-Scripting.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Advanced Order Export For WooCommerce \u003c 3.1.8 - Reflected Cross-Site Scripting (XSS)",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24169",
"STATE": "PUBLIC",
"TITLE": "Advanced Order Export For WooCommerce \u003c 3.1.8 - Reflected Cross-Site Scripting (XSS)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Advanced Order Export For WooCommerce",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.1.8",
"version_value": "3.1.8"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "0xB9"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to reflected XSS."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/09681a6c-57b8-4448-982a-fe8d28c87fc3",
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/09681a6c-57b8-4448-982a-fe8d28c87fc3"
},
{
"name": "http://packetstormsecurity.com/files/164263/WordPress-Advanced-Order-Export-For-WooCommerce-3.1.7-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/164263/WordPress-Advanced-Order-Export-For-WooCommerce-3.1.7-Cross-Site-Scripting.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24169",
"datePublished": "2021-04-05T18:27:44",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:21:18.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}