Order Export & Order Import for WooCommerce

WebToffee

Developer

2.7.2

Latest version

60,000

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

9 patched

1 Mitigation rules

Broken Access Control vulnerability
<= 2.6.7
30/10/2025
Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function vulnerability
<= 2.6.0
20/03/2025
Authenticated (Admin+) PHP Object Injection via form_data Parameter vulnerability
<= 2.6.0
20/03/2025
Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Deletion via admin_log_page Function vulnerability
<= 2.6.0
20/03/2025
Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function vulnerability
<= 2.6.0
20/03/2025
PHP Object Injection vulnerability
<= 2.4.9
14/05/2024
Arbitrary File Upload vulnerability
<= 2.4.3
10/01/2024
Cross-Site Request Forgery (CSRF) vulnerability
<= 1.6.0
11/03/2020
Order Information Disclosure
<= 1.0.8
19/09/2016