Order Export & Order Import for WooCommerce

WebToffee

Developer

2.6.9

Latest version

60,000

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

9 fixed

1 Mitigation rules

Broken Access Control vulnerability
<= 2.6.7
Oct 30, 2025
Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function vulnerability
<= 2.6.0
Mar 20, 2025
Authenticated (Admin+) PHP Object Injection via form_data Parameter vulnerability
<= 2.6.0
Mar 20, 2025
Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Deletion via admin_log_page Function vulnerability
<= 2.6.0
Mar 20, 2025
Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function vulnerability
<= 2.6.0
Mar 20, 2025
PHP Object Injection vulnerability
<= 2.4.9
May 14, 2024
Arbitrary File Upload vulnerability
<= 2.4.3
Jan 10, 2024
Cross-Site Request Forgery (CSRF) vulnerability
<= 1.6.0
Mar 11, 2020
Order Information Disclosure
<= 1.0.8
Sep 19, 2016