Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in WooCommerce – Store Exporter 1.7.5

  • Severity: medium-risk
  • Status: Open
  • Publication: August 26, 2014

The WooCommerce – Store Exporter plugin for WordPress is vulnerable to an attack called Stored Cross-Site Scripting. This means that malicious code can be added to the plugin, which could be used to get access to people’s personal information, or to do other dangerous things. This vulnerability exists in versions up to, and including, 1.7.5, due to the fact that the plugin does not properly protect against malicious code being added, or against the malicious code being executed.

Detected in:

Store Exporter – Export WooCommerce Products, Orders, Subscriptions, Customers fixed vulnerable versions:
Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More fixed vulnerable versions:
WooCommerce – Store Exporter open vulnerable versions: >= * <= 1.7.5

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.