CVE-2022-35275

Description

Authenticated (shop manager+) Reflected Cross-Site Scripting (XSS) vulnerability in AlgolPlus Advanced Order Export For WooCommerce plugin <= 3.3.1 at WordPress.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

Affected products

Algolplus / Advanced Order Export For WooCommerce (WordPress plugin)<= 3.3.1 – 3.3.1

References

MISChttps://patchstack.com/database/vulnerability/woo-order-export-lite/wordpress-advanced-order-export-for-woocommerce-plugin-3-3-1-reflected-cross-site-scripting-xss-vulnerability/_s_id=cve
MISChttps://wordpress.org/plugins/woo-order-export-lite/