CVE-2021-24169 Advanced Order Export For WooCommerce < 3.1.8 - Reflected Cross-Site Scripting (XSS)

2021-04-0518:27:44

CWE-79

WPScan

www.cve.org

woocommerce

wordpress

plugin

reflected xss

vulnerability

EPSS

0.002

Percentile

59.2%

JSON

This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to reflected XSS.

CNA Affected

[
  {
    "product": "Advanced Order Export For WooCommerce",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "3.1.8",
        "status": "affected",
        "version": "3.1.8",
        "versionType": "custom"
      }
    ]
  }
]