Filter
-Infinity
0

Trending

Last week
Last month
Last year

WebToffee GDPR Cookie ComplianceGDPR Cookie Compliance <= 4.15.6 - Authenticated (Admin+) Stored Cross-Site Scripting

medium
4.4
First published (updated )
CVE-2025-2205

WebToffee Wishlist for WooCommerceWordPress Wishlist for WooCommerce plugin <=2.1.2 - Cross Site Scripting (XSS) vulnerability

medium
5.9
EPSS
0.04%
First published (updated )
CVE-2025-24657

WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping LabelsWordPress WooCommerce PDF Invoices plugin <= 4.7.1 - Stored Cross Site Scripting (XSS) vulnerability

medium
5.9
EPSS
0.04%
First published (updated )
CVE-2025-24644

Webtoffee Backup And MigrationWordPress Backup & Migration plugin <= 1.4.1 - Broken Access Control vulnerability

medium
5.4
First published (updated )
CVE-2023-45636

Webtoffee Backup And MigrationWordPress WordPress Backup & Migration plugin <= 1.4.0 - Broken Access Control vulnerability

medium
4.3
First published (updated )
CVE-2023-33928

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Webtoffee Backup And MigrationWordPress WordPress Backup & Migration plugin <= 1.4.3 - Broken Access Control vulnerability

medium
5.4
First published (updated )
CVE-2023-52183

WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping LabelsWordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.2.1 - Privilege Escalation vulnerability

high
7.2
First published (updated )
CVE-2023-51546

Webtoffee WordPress Comments Import And ExportWordPress Comments Import & Export plugin <= 2.3.5 - Cross Site Request Forgery (CSRF) vulnerability

medium
4.3
EPSS
0.04%
First published (updated )
CVE-2024-31235

Webtoffee Backup And MigrationWordPress WordPress Backup & Migration plugin <= 1.4.7 - Sensitive Data Exposure via Log File vulnerability

low
3.7
EPSS
0.04%
First published (updated )
CVE-2024-31254

WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping LabelsThe WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress…

medium
5.3
EPSS
0.04%
First published (updated )
CVE-2024-3216

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping LabelsWordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.4.0 - Reflected Cross Site Scripting (XSS) vulnerability

high
7.1
EPSS
0.04%
First published (updated )
CVE-2024-22288

WebToffee Product Import Export for WooCommerceWordPress Product Import Export for WooCommerce plugin <= 2.4.1 - Arbitrary File Upload vulnerability

critical
9.1
EPSS
0.04%
First published (updated )
CVE-2024-30231

WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping LabelsXSS

medium
6.1
First published (updated )
CVE-2024-0957

WebToffee Order Export & Order Import for WooCommerceWordPress Order Export & Order Import for WooCommerce Plugin <= 2.4.3 is vulnerable to Arbitrary File Upload

high
8
EPSS
0.05%
First published (updated )
CVE-2024-22135

WebToffee Product Import Export for WooCommerceWordPress Product Import Export for WooCommerce Plugin <= 2.3.7 is vulnerable to Arbitrary File Upload

high
8
EPSS
0.05%
First published (updated )
CVE-2024-22152

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Payment Plugins for Stripe WooCommerceSQL Injection

critical
9.8
EPSS
0.08%
First published (updated )
CVE-2024-0705

WebToffee Import Export WordPress UsersMalicious File Upload

high
7.2
EPSS
0.14%
First published (updated )
CVE-2023-6558

WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping LabelsThe WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress…

medium
6.5
EPSS
0.05%
First published (updated )
CVE-2023-7068

Webtoffee DecoratorWordPress Decorator – WooCommerce Email Customizer Plugin <= 1.2.7 is vulnerable to Cross Site Request Forgery (CSRF)

high
8.8
First published (updated )
CVE-2023-48284

Webtoffee Backup And MigrationWordPress Backup & Migration < 1.4.5 - Subscriber+ Stored XSS

medium
5.4
EPSS
0.04%
First published (updated )
CVE-2023-5738

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Webtoffee Backup And MigrationWordPress Backup & Migration < 1.4.4 - Subscriber+ Plugin Settings Update

medium
4.3
EPSS
0.04%
First published (updated )
CVE-2023-5737

Webtoffee WordPress Comments Import And ExportWordPress WordPress Comments Import & Export Plugin <= 2.3.1 is vulnerable to CSV Injection

critical
9.8
First published (updated )
CVE-2022-45370

Webtoffee Product Reviews Import Export For WoocommerceWordPress Product Reviews Import Export for WooCommerce Plugin <= 1.4.8 is vulnerable to CSV Injection

critical
9.8
First published (updated )
CVE-2022-46802

Payment Plugins for Stripe WooCommerceThe Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypas…

critical
9.8
First published (updated )
CVE-2023-3162

Payment Plugins for Stripe WooCommerceThe Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized modific…

medium
5.3
First published (updated )
CVE-2023-4040

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

WebToffee Import Export WordPress UsersThe Export and Import Users and Customers plugin for WordPress is vulnerable to unauthorized modific…

high
7.2
First published (updated )
CVE-2023-3459

WebToffee Import Export WordPress UsersThe users-customers-import-export-for-wp-woocommerce plugin before 1.3.9 for WordPress allows subscr…

high
8.8
First published (updated )
CVE-2020-12074

WebToffee Import Export WordPress UsersThe webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress all…

high
7.3
First published (updated )
CVE-2019-15092

Webtoffee WordPress Comments Import And ExportThe plugin "WordPress Comments Import & Export" for WordPress (v2.0.4 and before) is vulnerable to C…

high
7.8
First published (updated )
CVE-2018-11526

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203