Cross-Site Request Forgery (CSRF) vulnerability in Advanced Order Export For WooCommerce plugin <= 3.3.2 on WordPress leading to export file download.
References
| Link | Resource |
|---|---|
| https://patchstack.com/database/vulnerability/woo-order-export-lite/wordpress-advanced-order-export-for-woocommerce-plugin-3-3-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | Third Party Advisory |
| https://wordpress.org/plugins/woo-order-export-lite/ | Product Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 12:45
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:algolplus:advanced_order_export_for_woocommerce:*:*:*:*:*:wordpress:*:* | |
| First Time |
Algolplus advanced Order Export For Woocommerce
|
09 Nov 2022, 14:57
| Type | Values Removed | Values Added |
|---|---|---|
| References | (CONFIRM) https://wordpress.org/plugins/woo-order-export-lite/ - Product, Third Party Advisory | |
| References | (CONFIRM) https://patchstack.com/database/vulnerability/woo-order-export-lite/wordpress-advanced-order-export-for-woocommerce-plugin-3-3-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve - Third Party Advisory | |
| CPE | cpe:2.3:a:algolplus:advanced_order_export:*:*:*:*:*:wordpress:*:* | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
| CWE | CWE-352 |
08 Nov 2022, 19:25
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-11-08 19:15
Updated : 2024-11-20 12:45
NVD link : CVE-2022-40128
Mitre link : CVE-2022-40128
CVE.ORG link : CVE-2022-40128
JSON object : View
Products Affected
algolplus
- advanced_order_export_for_woocommerce
CWE
CWE-352
Cross-Site Request Forgery (CSRF)