Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

webtoffee — Vulnerabilities & Security Advisories 50

Browse all 50 CVE security advisories affecting webtoffee. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products webtoffee:Order Export & Order Import for WooCommerceExport and Import Users and CustomersWordPress Backup & MigrationProduct Import Export for WooCommerce – Import Export Product CSV SuiteWebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes & Shipping LabelsWooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping LabelsProduct Feed for WooCommerceComments Import & ExportWordPress Comments Import & ExportProduct Import Export for WooCommerceImport Export WordPress UsersWebToffee eCommerce Marketing AutomationAccessibility Toolkit by WebYesAlt Text Generator AI – Auto Generate & Bulk Update Alt Texts For ImagesSmart Coupons for WooCommerceWishlist for WooCommerceWebToffee WP Backup and MigrationWooCommerce Shipping LabelDecorator – WooCommerce Email CustomizerProduct Reviews Import Export for WooCommerceStripe Payment Plugin for WooCommerce
CVE IDTitleCVSSSeverityPaused
CVE-2024-34751 WordPress Order Export & Order Import for WooCommerce plugin <= 2.4.9 - PHP Object Injection vulnerability — Order Export & Order Import for WooCommerceCWE-502 4.4 Medium2024-05-16
CVE-2024-3546 WordPress Backup & Migration <= 1.4.8 - Missing Authorization to Directory Traversal — WebToffee WP Backup and MigrationCWE-862 4.3 Medium2024-05-02
CVE-2024-32834 WordPress WooCommerce Shipping Label plugin <= 2.3.8 - Cross Site Scripting (XSS) vulnerability — WooCommerce Shipping LabelCWE-79 5.9 Medium2024-04-24
CVE-2024-32835 WordPress Export and Import Users and Customers plugin <= 2.5.3 - Deserialization of untrusted data vulnerability — Import Export WordPress UsersCWE-502 5.4 Medium2024-04-24
CVE-2024-31235 WordPress Comments Import & Export plugin <= 2.3.5 - Cross Site Request Forgery (CSRF) vulnerability — WordPress Comments Import & ExportCWE-352 4.3 Medium2024-04-12
CVE-2024-31254 WordPress WordPress Backup & Migration plugin <= 1.4.7 - Sensitive Data Exposure via Log File vulnerability — WordPress Backup & MigrationCWE-532 3.7 Low2024-04-10
CVE-2024-3216 WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.4.2 - Missing Authorization to Unauthenticated Settings Reset — WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes & Shipping LabelsCWE-862 5.3 Medium2024-04-06
CVE-2024-30492 WordPress Export and Import Users and Customers plugin <= 2.5.2 - Path Traversal vulnerability — Import Export WordPress UsersCWE-22 4.3 Medium2024-03-29
CVE-2024-22288 WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.4.0 - Reflected Cross Site Scripting (XSS) vulnerability — WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping LabelsCWE-79 7.1 High2024-03-27
CVE-2024-30231 WordPress Product Import Export for WooCommerce plugin <= 2.4.1 - Arbitrary File Upload vulnerability — Product Import Export for WooCommerceCWE-434 9.1 Critical2024-03-26
CVE-2024-0957 WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.4.1 - Unauthenticated Stored Cross-Site Scripting — WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes & Shipping LabelsCWE-79 6.1 Medium2024-03-22
CVE-2024-22135 WordPress Order Export & Order Import for WooCommerce Plugin <= 2.4.3 is vulnerable to Arbitrary File Upload — Order Export & Order Import for WooCommerceCWE-434 8.0 High2024-01-24
CVE-2024-22152 WordPress Product Import Export for WooCommerce Plugin <= 2.3.7 is vulnerable to Arbitrary File Upload — Product Import Export for WooCommerceCWE-434 8.0 High2024-01-24
CVE-2023-6558 Export and Import Users and Customers <= 2.4.8 - Authenticated (Shop Manager+) Arbitrary File Upload — Export and Import Users and CustomersCWE-434 7.2 High2024-01-11
CVE-2023-7068 WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.3.0 - Missing Authorization to Order Export — WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes & Shipping LabelsCWE-862 4.3 Medium2024-01-03
CVE-2023-48284 WordPress Decorator – WooCommerce Email Customizer Plugin <= 1.2.7 is vulnerable to Cross Site Request Forgery (CSRF) — Decorator – WooCommerce Email CustomizerCWE-352 4.3 Medium2023-11-30
CVE-2022-45370 WordPress WordPress Comments Import & Export Plugin <= 2.3.1 is vulnerable to CSV Injection — WordPress Comments Import & ExportCWE-1236 8.3 -2023-11-07
CVE-2022-46802 WordPress Product Reviews Import Export for WooCommerce Plugin <= 1.4.8 is vulnerable to CSV Injection — Product Reviews Import Export for WooCommerceCWE-1236 8.0 -2023-11-07
CVE-2023-4040 WordPress plugin Stripe Payment Plugin for WooCommerce 安全漏洞 — Stripe Payment Plugin for WooCommerce 5.3 Medium2023-08-18
CVE-2023-3459 Export and Import Users and Customers <= 2.4.1 - Missing Authorization to Authenticated (Shop Manager) Arbitrary User Password Change — Export and Import Users and CustomersCWE-863 7.2 High2023-07-18

This page lists every published CVE security advisory associated with webtoffee. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.