Vulnerabilities > Algolplus
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-17 | CVE-2022-40203 | Missing Authorization vulnerability in Algolplus Advanced Dynamic Pricing for Woocommerce Missing Authorization vulnerability in AlgolPlus Advanced Dynamic Pricing for WooCommerce.This issue affects Advanced Dynamic Pricing for WooCommerce: from n/a through 4.1.5. | 8.8 |
2022-11-18 | CVE-2022-41655 | Unspecified vulnerability in Algolplus Phone Orders for Woocommerce Auth. | 6.5 |
2022-11-09 | CVE-2022-43488 | Cross-Site Request Forgery (CSRF) vulnerability in Algolplus Advanced Dynamic Pricing for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to rule type migration. | 4.3 |
2022-11-08 | CVE-2022-40128 | Cross-Site Request Forgery (CSRF) vulnerability in Algolplus Advanced Order Export Cross-Site Request Forgery (CSRF) vulnerability in Advanced Order Export For WooCommerce plugin <= 3.3.2 on WordPress leading to export file download. | 6.5 |
2022-11-08 | CVE-2022-43491 | Cross-Site Request Forgery (CSRF) vulnerability in Algolplus Advanced Dynamic Pricing for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to plugin settings import. | 4.3 |
2021-04-05 | CVE-2021-24169 | Cross-site Scripting vulnerability in Algolplus Advanced Order Export This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. | 4.3 |
2021-03-31 | CVE-2021-27349 | Cross-site Scripting vulnerability in Algolplus Advanced Order Export Advanced Order Export before 3.1.8 for WooCommerce allows XSS, a different vulnerability than CVE-2020-11727. | 4.3 |
2020-05-06 | CVE-2020-11727 | Cross-site Scripting vulnerability in Algolplus Advanced Order Export 3.1.3 A cross-site scripting (XSS) vulnerability in the AlgolPlus Advanced Order Export For WooCommerce plugin 3.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the view/settings-form.php woe_post_type parameter. | 4.3 |
2018-06-19 | CVE-2018-11525 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Algolplus Advanced Order Export The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is vulnerable to CSV Injection. | 6.8 |