Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webtoffee vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-22288
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Reflected XSS.This issue affects WooCommerce PDF Invoices, Packing Slips, D...
NA
CVE-2024-30231
Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Product Import Export for WooCommerce.This issue affects Product Import Export for WooCommerce: from n/a up to and including 2.4.1.
NA
CVE-2024-22135
Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a up to and including 2.4.3.
Webtoffee Order Export \\& Order Import For Woocommerce
NA
CVE-2024-22152
Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Product Import Export for WooCommerce.This issue affects Product Import Export for WooCommerce: from n/a up to and including 2.3.7.
Webtoffee Product Import Export For Woocommerce
NA
CVE-2024-0705
The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existin...
Webtoffee Stripe Payment Plugin For Woocommerce
1 Github repository
NA
CVE-2023-6558
The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'upload_import_file' function in versions up to, and including, 2.4.8. This makes it possible for authenticated attacke...
Webtoffee Import Export Wordpress Users
NA
CVE-2023-7068
The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on theprint_packinglist action in all versions up to, and including, 4.3.0. This makes it possible f...
Webtoffee Woocommerce Pdf Invoices\\, Packing Slips\\, Delivery Notes And Shipping Labels
NA
CVE-2023-48284
Cross-Site Request Forgery (CSRF) vulnerability in WebToffee Decorator – WooCommerce Email Customizer allows Cross Site Request Forgery.This issue affects Decorator – WooCommerce Email Customizer: from n/a up to and including 1.2.7.
Webtoffee Decorator
NA
CVE-2023-5737
The WordPress Backup & Migration WordPress plugin prior to 1.4.4 does not authorize some AJAX requests, allowing users with a role as low as Subscriber to update some plugin settings.
Webtoffee Backup And Migration
NA
CVE-2023-5738
The WordPress Backup & Migration WordPress plugin prior to 1.4.4 does not sanitise and escape some parameters, which could allow users with a role as low as Subscriber to perform Cross-Site Scripting attacks.
Webtoffee Backup And Migration
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »