Product Import Export for WooCommerce – Import Export Product CSV Suite

Vulnerabilities 8Slug product-import-export-for-wooLatest version 2.6.3WordPress.org →

Minimum safe version

2.5.1

Update to 2.5.1 or later to address 8 fixable vulnerabilities

Latest available2.6.3 ✓

Medium 4.9

2025-03-26< 2.5.1

Product Import Export for WooCommerce <= 2.5.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function

EUVD Wordfence CVE

Low 2.7

2025-03-26< 2.5.1

Product Import Export for WooCommerce <= 2.5.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Deletion via admin_log_page Function

EUVD Wordfence CVE

High 7.6

2025-03-26< 2.5.1

Product Import Export for WooCommerce <= 2.5.0 - Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function

EUVD Wordfence CVE

High 7.2

2025-03-26< 2.5.1

WordPress Product Import Export for WooCommerce Plugin <= 2.5.0 is vulnerable to PHP Object Injection

Patchstack EUVD Wordfence CVE

Critical 9.1

2024-03-26< 2.4.2

CVE-2024-30231