← back
CVE-2021-24169

Advanced Order Export For WooCommerce < 3.1.8 - Reflected Cross-Site Scripting (XSS)

EPSS 10.3%CWE-79
This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to reflected XSS.
Affected products
Unknown · Advanced Order Export For WooCommerce
public PoCs found2
exploitdbwww.exploit-db.com/exploits/50324unverifiedcve_referencepacketstormsecurity.com/files/164263/WordPress-Advanced-Order-Export-For-WooCommerce-3.1.7-Cross-Site-Scripting.htmlunverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/164263/WordPress-Advanced-Order-Export-For-WooCommerce-3.1.7-Cross-Site-Scripting.htmlhttps://wpscan.com/vulnerability/09681a6c-57b8-4448-982a-fe8d28c87fc3