Villatheme Orders Tracking For Woocommerce — known CVE vulnerabilities
Every CVE whose affected-product data names Villatheme Orders Tracking For Woocommerce, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-25062 — CVSS 6.1 (medium): The Orders Tracking for WooCommerce WordPress plugin before 1.1.10 does not sanitise and escape the file_url before outputting it back in…
CVE-2023-4216 — CVSS 2.7 (low): The Orders Tracking for WooCommerce WordPress plugin before 1.2.6 doesn't validate the file_url parameter when importing a CSV file…