Product Feed Pro For Woocommerce
Approved changes feed: RSS · Atom
cpe:2.3:a:adtribes:product_feed_pro_for_woocommerce:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Adtribes (bc47004a-a1d5-574f-967b-5cb738dc12e3) |
|---|---|
| Product | Product Feed Pro For Woocommerce (1e86887e-bece-50bb-aae6-a4692ab11077) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-32087 |
vulnerable | 2026-06-08 06:35:32.714519 |
WordPress Product Feed on WooCommerce for Google, Awin, Shareasale, Bing, and More plugin <= 3.5.7 - Auth. SQL Injection (SQLi) vulnerability
HIGH (7.6)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExportFeed.Com Product Feed on WooCommerce for Google.This issue affects Product Feed on WooCommerce for Google: from n/a through 3.5.7.
Published: 2024-04-15T07:40:55.205Z
Updated: 2026-04-28T16:09:33.666Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-46793 |
vulnerable | 2026-06-08 05:50:39.441514 |
WordPress Product Feed PRO for WooCommerce Plugin <= 12.4.4 is vulnerable to Cross Site Request Forgery (CSRF)
MEDIUM (5.4)
Cross-Site Request Forgery (CSRF) vulnerability in AdTribes.Io Product Feed PRO for WooCommerce plugin <= 12.4.4 versions.
Published: 2023-04-06T12:44:09.171Z
Updated: 2026-04-28T16:07:54.182Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-0426 |
vulnerable | 2026-06-08 05:39:10.029123 |
Product Feed PRO for WooCommerce < 11.2.3 - Reflected Cross-Site Scripting
The Product Feed PRO for WooCommerce WordPress plugin before 11.2.3 does not escape the rowCount parameter before outputting it back in an attribute via the woosea_categories_dropdown AJAX action (available to any authenticated user), leading to a Reflected Cross-Site Scripting
Published: 2022-03-07T08:16:36.000Z
Updated: 2024-08-02T23:25:40.558Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-24974 |
vulnerable | 2026-06-08 05:30:39.727789 |
Product Feed PRO for WooCommerce < 11.0.7 - Subscriber+ Settings Update to Stored XSS
The Product Feed PRO for WooCommerce WordPress plugin before 11.0.7 does not have authorisation and CSRF check in some of its AJAX actions, allowing any authenticated users to call then, which could lead to Stored Cross-Site Scripting issue (which will be triggered in the admin dashboard) due to the lack of escaping.
Published: 2022-01-24T08:01:00.000Z
Updated: 2024-08-03T19:49:14.388Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.