WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Advanced Order Export For WooCommerce < 3.3.3 - Export Files via CSRF

Description

The plugin does not have CSRF check when exporting files, which could allow attackers to make a logged in admin perform such action via a CSRF attack

Affects Plugins

woo-order-export-lite
Fixed in version 3.3.3

References

CVE
CVE-2022-40128

Classification

Type

CSRF

OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Original Researcher

Lana Codes

Verified

No

WPVDB ID
514d1d83-f8e1-4d85-a402-7dec3db14a32

Timeline

Publicly Published

2022-10-20 (about 3 months ago)

Added

2022-11-08 (about 2 months ago)

Last Updated

2022-11-08 (about 2 months ago)

Our Other Services

WPScan WordPress Security Plugin