Tag Archives: WooCommerce Order Export and More

What Plugin Vulnerabilities Was Up to in April

If you want the best information and therefore best protection against vulnerabilities in WordPress plugins we provide you that through our service. Here is what we did to keep those are already using our service secure from WordPress plugin vulnerabilities during April (and what you have been missing out on if you haven’t signed up yet).

Paid customers of the service can suggest and vote on plugins to have a security review done by us (you can also order a review separately). This month we released details of our review of Shareaholic. [Read more]

Full Disclosure of Reflected Cross-Site Scripting (XSS) Vulnerability in WooCommerce Order Export and More

The other day while looking for information on a vulnerability possibly related to a plugin that exports order information from WooCommerce we ran across a report of an unrelated possible vulnerability in the plugin WooCommerce Order Export and More from php-grindr.

That report pointed to the value of the GET or POST input “tab” being set to value of the variable $tab in the file /order-export-and-more-for-woocommerce/inc/jem-exporter.php: [Read more]