The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to unauthorized access of sensitive information due to a missing authorization check on the showsetting() fun
The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_ftp_details' AJAX action in all
The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 7.33.1. This is due to deserialization of untru
The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.14.5 via the uploads direc
The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.14.17 via the import/expor
The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 7.28. This is due to the write_to_customfile()
The WP Online Contract plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the json_import() and json_export() functions in all versions up to, and including
The Easy Theme Options plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0. This is due to missing authorization checks in the eto_import_settings fun
The Import any XML, CSV or Excel File to WordPress (WP All Import) plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.9.6. This is due to the use of ev
The Import any XML, CSV or Excel File to WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the import functionality in all versions up to, a
The Magic Import Document Extractor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.4 via the get_frontend_settings() function. This make
The Export Import Menus plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the dsp_export_import_menus() function in all versions up to, and includi
The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the import_single_post_as_csv() function in all ver
The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the upload_function() function in all
The Magic Import Document Extractor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_sync_usage() function in all versions up to, a
The Import Export For WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_setting() function in all versions up to, and
The TP2WP Importer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Watched domains' textarea on the attachment importer settings page in all versions up to, and including, 1
The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.14.16. This is due to the plugin's RE
The Email Notifications for Updates plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the awun_import_s
The WordPress Comments Import & Export plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_settings function in all versions up to, an
Page 1+ Next →