Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webtoffee vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2018-11526
The plugin "WordPress Comments Import & Export" for WordPress (v2.0.4 and before) is vulnerable to CSV Injection.
Webtoffee Wordpress Comments Import And Export
1 EDB exploit
9.8
CVSSv3
CVE-2022-45370
Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee WordPress Comments Import & Export.This issue affects WordPress Comments Import & Export: from n/a up to and including 2.3.1.
Webtoffee Wordpress Comments Import And Export
7.5
CVSSv3
CVE-2024-0705
The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existin...
Webtoffee Stripe Payment Plugin For Woocommerce
1 Github repository
7.2
CVSSv3
CVE-2024-22135
Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a up to and including 2.4.3.
Webtoffee Order Export \\& Order Import For Woocommerce
9.8
CVSSv3
CVE-2022-46802
Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee Product Reviews Import Export for WooCommerce.This issue affects Product Reviews Import Export for WooCommerce: from n/a up to and including 1.4.8.
Webtoffee Product Reviews Import Export For Woocommerce
6.5
CVSSv3
CVE-2023-7068
The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on theprint_packinglist action in all versions up to, and including, 4.3.0. This makes it possible f...
Webtoffee Woocommerce Pdf Invoices\\, Packing Slips\\, Delivery Notes And Shipping Labels
NA
CVE-2024-32835
Deserialization of Untrusted Data vulnerability in WebToffee Import Export WordPress Users.This issue affects Import Export WordPress Users: from n/a up to and including 2.5.3.
NA
CVE-2024-31235
Cross-Site Request Forgery (CSRF) vulnerability in WebToffee WordPress Comments Import & Export.This issue affects WordPress Comments Import & Export: from n/a up to and including 2.3.5.
NA
CVE-2024-31254
Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a up to and including 1.4.7.
NA
CVE-2024-30231
Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Product Import Export for WooCommerce.This issue affects Product Import Export for WooCommerce: from n/a up to and including 2.4.1.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »