← Back

Exportfeed

exportfeed

2 CVEs • 2 products

Products (2)

Click to collapse
Toggle

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Exportfeed
1Woocommerce Etsy Integration
Jun 17, 2026
Jul 12, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The WooCommerce Etsy Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.3.1. This is due to missing or incorrect nonce validation on the etcpf_delete_feed() f...Show more
The WooCommerce Etsy Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.3.1. This is due to missing or incorrect nonce validation on the etcpf_delete_feed() function. This makes it possible for unauthenticated attackers to delete an export feed via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.Show less
1Exportfeed
1Exportfeed
Jun 17, 2026
Feb 21, 2022
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
The ExportFeed WordPress plugin through 2.0.1.0 does not sanitise and escape the product_id POST parameter before using it in a SQL statement, leading to a SQL injection vulnerability exploitable by high privilege users