CVE-2021-24169

MEDIUM NUCLEI

Algolplus Advanced Order Export For Woocommerce < 3.1.8 - XSS

Title source: rule

Description

This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to reflected XSS.

Exploits (1)

exploitdb WORKING POC
by 0xB9 · textwebappsphp
https://www.exploit-db.com/exploits/50324

Nuclei Templates (1)

WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting
MEDIUMVERIFIEDby r3Y3r53

References (2)

Scores

CVSS v3 6.1
EPSS 0.0186
EPSS Percentile 83.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
algolplus/advanced_order_export_for_woocommerce < 3.1.8
Published Apr 05, 2021
Tracked Since Feb 18, 2026