Vulnerabilities > Visser

DATE CVE VULNERABILITY TITLE RISK
2024-10-01 CVE-2024-8793 Cross-site Scripting vulnerability in Visser Store Exporter for Woocommerce
The Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.7.2.1.
network
low complexity
visser CWE-79
6.1
2023-11-06 CVE-2023-46822 Unspecified vulnerability in Visser Store Exporter for Woocommerce
Unauth.
network
low complexity
visser
6.1
2022-07-11 CVE-2022-1546 Unspecified vulnerability in Visser Woocommerce - Product Importer 1.5.2
The WooCommerce - Product Importer WordPress plugin through 1.5.2 does not sanitise and escape the imported data before outputting it back in the page, leading to a Reflected Cross-Site Scripting
network
low complexity
visser
6.1
2022-02-07 CVE-2022-0149 Unspecified vulnerability in Visser Store Exporter for Woocommerce
The WooCommerce Stored Exporter WordPress plugin before 2.7.1 was affected by a Reflected Cross-Site Scripting (XSS) vulnerability in the woo_ce admin page.
network
low complexity
visser
6.1
2022-02-07 CVE-2021-25077 Cross-site Scripting vulnerability in Visser Store Toolkit for Woocommerce
The Store Toolkit for WooCommerce WordPress plugin before 2.3.2 does not sanitise and escape the tab parameter before outputting it back in an admin page in an error message, leading to a Reflected Cross-Site Scripting
network
low complexity
visser CWE-79
6.1
2019-08-27 CVE-2016-10935 Permissions, Privileges, and Access Controls vulnerability in Visser Store Exporter for Woocommerce
The woocommerce-exporter plugin before 1.8.4 for WordPress has privilege escalation.
network
low complexity
visser CWE-264
critical
9.8
2019-08-22 CVE-2016-10923 Permissions, Privileges, and Access Controls vulnerability in Visser Store Toolkit for Woocommerce
The woocommerce-store-toolkit plugin before 1.5.8 for WordPress has privilege escalation.
network
low complexity
visser CWE-264
critical
9.8
2019-08-22 CVE-2016-10922 Permissions, Privileges, and Access Controls vulnerability in Visser Store Toolkit for Woocommerce
The woocommerce-store-toolkit plugin before 1.5.7 for WordPress has privilege escalation.
network
low complexity
visser CWE-264
critical
9.8
2019-05-06 CVE-2019-11807 Unrestricted Upload of File with Dangerous Type vulnerability in Visser Woocommerce Checkout Manager
The WooCommerce Checkout Manager plugin before 4.3 for WordPress allows media deletion via the wp-admin/admin-ajax.php?action=update_attachment_wccm wccm_default_keys_load parameter because of a nopriv_ registration and a lack of capabilities checks.
network
low complexity
visser CWE-434
7.5