Vulnerabilities > Algolplus > Advanced Order Export FOR Woocommerce > 3.0.2

DATE CVE VULNERABILITY TITLE RISK
2024-11-13 CVE-2024-10828 Unspecified vulnerability in Algolplus Advanced Order Export for Woocommerce
The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.5 via deserialization of untrusted input during Order export when the "Try to convert serialized values" option is enabled.
network
low complexity
algolplus
critical
 9.8
9.8
2022-11-08 CVE-2022-40128 Cross-Site Request Forgery (CSRF) vulnerability in Algolplus Advanced Order Export for Woocommerce
Cross-Site Request Forgery (CSRF) vulnerability in Advanced Order Export For WooCommerce plugin <= 3.3.2 on WordPress leading to export file download.
network
low complexity
algolplus CWE-352
6.5
6.5
2022-09-09 CVE-2022-35275 Unspecified vulnerability in Algolplus Advanced Order Export for Woocommerce
Authenticated (shop manager+) Reflected Cross-Site Scripting (XSS) vulnerability in AlgolPlus Advanced Order Export For WooCommerce plugin <= 3.3.1 at WordPress.
network
low complexity
algolplus
4.8
4.8
2021-04-05 CVE-2021-24169 Cross-site Scripting vulnerability in Algolplus Advanced Order Export for Woocommerce
This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data.
network
low complexity
algolplus CWE-79
6.1
6.1
2021-03-31 CVE-2021-27349 Cross-site Scripting vulnerability in Algolplus Advanced Order Export for Woocommerce
Advanced Order Export before 3.1.8 for WooCommerce allows XSS, a different vulnerability than CVE-2020-11727.
network
low complexity
algolplus CWE-79
6.1
6.1