Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how webtoffee compares to other vendors in security performance

View Risk Score →

Software

webtoffee import export wordpress users wordpress
6
webtoffee product import export for woocommerce wordpress
6
webtoffee woocommerce pdf invoices\, packing slips\, delivery notes and shipping labels wordpress
6
webtoffee gdpr cookie compliance
5
webtoffee order export \& order import for woocommerce wordpress
5
webtoffee import export wordpress users
3
webtoffee product feed for woocommerce
3
webtoffee woocommerce pdf invoices, packing slips, delivery notes and shipping labels
3
webtoffee wordpress backup & migration
3
webtoffee backup and migration
2
webtoffee gdpr cookie consent
2
webtoffee gdpr cookie consent wordpress
2
webtoffee order export & order import for woocommerce
2
webtoffee smart coupons for woocommerce
2
webtoffee stripe payment plugin for woocommerce wordpress
2
webtoffee wordpress backup & migration (wp-migration-duplicator)
2
webtoffee backup and migration wordpress
1
webtoffee comments import & export
1
webtoffee decorator wordpress
1
webtoffee export and import users and customers
1
webtoffee product import export for woocommerce
1
webtoffee product reviews import export for woocommerce wordpress
1
webtoffee webtoffee ecommerce marketing automation
1
webtoffee woocommerce shipping label
1
webtoffee wordpress comments import & export
1
webtoffee wordpress comments import and export
1
webtoffee wordpress comments import and export wordpress
1

WebToffee Smart Coupons for WooCommerceWordPress Smart Coupons for WooCommerce plugin < 2.3.0 - Broken Access Control vulnerability

Risk 43
Severity
7.5
First published (updated )
CVE-2026-45438

WebToffee Comments Import & ExportWordPress Comments Import & Export plugin <= 2.4.9 - Broken Access Control vulnerability

Risk 44
Severity
7.7
First published (updated )
CVE-2026-32441

WebToffee Product Feed for WooCommerceWordPress Product Feed for WooCommerce plugin <= 2.3.3 - PHP Object Injection vulnerability

Risk 66
Severity
7.2
First published (updated )
CVE-2026-22480

WebToffee WebToffee eCommerce Marketing AutomationWordPress WebToffee eCommerce Marketing Automation plugin <= 2.1.1 - Broken Access Control vulnerability

Risk 22
Severity
4.3
First published (updated )
CVE-2025-67599

WebToffee Product Feed for WooCommerceWordPress Product Feed for WooCommerce plugin <= 2.3.1 - Broken Access Control vulnerability

Risk 22
Severity
4.3
First published (updated )
CVE-2025-66089
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

WebToffee Order Export & Order Import for WooCommerceWordPress Order Export & Order Import for WooCommerce plugin <= 2.6.7 - Broken Access Control vulnerability

Risk 22
Severity
4.3
First published (updated )
CVE-2025-64382

WebToffee Smart Coupons for WooCommerceWordPress Smart Coupons for WooCommerce plugin <= 2.2.3 - Broken Access Control vulnerability

Risk 22
Severity
4.3
First published (updated )
CVE-2025-64358

WebToffee Product Feed for WooCommerceWordPress Product Feed for WooCommerce plugin <= 2.2.8 - Broken Access Control Vulnerability

Risk 16
Severity
4.3
EPSS
0.03%
First published (updated )
CVE-2025-49287

WebToffee GDPR Cookie ConsentGDPR Cookie Consent <= 2.6.0 - Unauthenticated Stored XSS

Risk 34
Severity
5.4
First published (updated )
CVE-2024-8397

WebToffee GDPR Cookie ConsentGDPR Cookie Consent <= 2.6.0 - Bulk Delete via CSRF

Risk 37
Severity
6.5
First published (updated )
CVE-2024-8286
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

WebToffee WordPress Backup & MigrationWordPress WebToffee WP Backup and Migration plugin <= 1.5.3 - Sensitive Data Exposure vulnerability

Risk 35
Severity
5.9
First published (updated )
CVE-2025-24651

WooCommerce Product Import Export for WooCommerceProduct Import Export for WooCommerce <= 2.5.0 - Authenticated (Admin+) PHP Object Injection via form_data Parameter

Risk 66
Severity
7.2
First published (updated )
CVE-2025-1913

WooCommerce Product Import Export for WooCommerceProduct Import Export for WooCommerce <= 2.5.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Deletion via admin_log_page Function

Risk 49
Severity
6.5
First published (updated )
CVE-2025-1911

WooCommerce Product Import Export for WooCommerceProduct Import Export for WooCommerce <= 2.5.0 - Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function

Risk 47
Severity
7.6
First published (updated )
CVE-2025-1912

WooCommerce Product Import Export for WooCommerceProduct Import Export for WooCommerce <= 2.5.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function

Risk 30
Severity
4.9
First published (updated )
CVE-2025-1769
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

WordPress Export and Import Users and CustomersExport and Import Users and Customers <= 2.6.2 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function

Risk 30
Severity
4.9
First published (updated )
CVE-2025-1973

WordPress Export and Import Users and CustomersExport and Import Users and Customers <= 2.6.2 - Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function

Risk 47
Severity
7.6
First published (updated )
CVE-2025-1970

WordPress Export and Import Users and CustomersExport and Import Users and Customers <= 2.6.2 - Authenticated (Admin+) PHP Object Injection via form_data Parameter

Risk 66
Severity
7.2
First published (updated )
CVE-2025-1971

WordPress Export and Import Users and CustomersExport and Import Users and Customers <= 2.6.2 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Deletion via admin_log_page Function

Risk 49
Severity
6.5
First published (updated )
CVE-2025-1972

WooCommerce Order Export & Order Import for WooCommerceOrder Export & Order Import for WooCommerce <= 2.6.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function

Risk 30
Severity
4.9
First published (updated )
CVE-2024-13920
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

WooCommerce Order Export & Order Import for WooCommerceOrder Export & Order Import for WooCommerce <= 2.6.0 - Authenticated (Admin+) PHP Object Injection via form_data Parameter

Risk 66
Severity
7.2
First published (updated )
CVE-2024-13921

WooCommerce Order Export & Order ImportOrder Export & Order Import for WooCommerce <= 2.6.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Deletion via admin_log_page Function

Risk 49
Severity
6.5
First published (updated )
CVE-2024-13922

WooCommerce Order Export & Order Import for WooCommerceOrder Export & Order Import for WooCommerce <= 2.6.0 - Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function

Risk 47
Severity
7.6
First published (updated )
CVE-2024-13923

WebToffee GDPR Cookie ComplianceGDPR Cookie Compliance < 4.15.9 - Admin+ Stored XSS

Risk 24
Severity
3.5
First published (updated )
CVE-2025-1624

WebToffee GDPR Cookie ComplianceGDPR Cookie Compliance < 4.15.9 - Admin+ Stored XSS

Risk 24
Severity
3.5
First published (updated )
CVE-2025-1623
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

WebToffee GDPR Cookie ComplianceGDPR Cookie Compliance < 4.15.7 - Admin+ Stored XSS

Risk 29
Severity
4.8
First published (updated )
CVE-2025-1620

WebToffee GDPR Cookie ComplianceGDPR Cookie Compliance < 4.15.7 - Admin+ Stored XSS

Risk 29
Severity
4.8
First published (updated )
CVE-2025-1619

WebToffee GDPR Cookie ComplianceGDPR Cookie Compliance <= 4.15.6 - Authenticated (Admin+) Stored Cross-Site Scripting

Risk 29
Severity
4.8
First published (updated )
CVE-2025-2205

WebToffee Woocommerce Pdf Invoices\, Packing Slips\, Delivery Notes And Shipping Labels WordpressWordPress WooCommerce PDF Invoices plugin <= 4.7.1 - Stored Cross Site Scripting (XSS) vulnerability

Risk 22
Severity
5.9
EPSS
0.04%
First published (updated )
CVE-2025-24644

WebToffee WordPress Backup & Migration (wp-migration-duplicator)WordPress Backup & Migration plugin <= 1.4.1 - Broken Access Control vulnerability

Risk 34
Severity
5.4
First published (updated )
CVE-2023-45636
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203