The LearnPress – Backup & Migration Tool plugin for WordPress is vulnerable to Arbitrary File Read via Directory Traversal in all versions up to, and including, 4.1.4 via the 'import-user-file' parame
The Export and Import Users and Customers plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.6.2 via the download_file() function. This makes it possible for
The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized arbitrary file read and deletion in all versions up to, and including, 2.5.2. This is due to the plugin not properl
The WordPress Comments Import & Export plugin for WordPress is vulnerable to to arbitrary file read due to insufficient file path validation during the comments import process, in versions up to, and
The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.14.16. This is due to the plugin's RE
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.0.8 via the download_file_ajax function. This makes i
The Code Explorer plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.6 via the 'file' parameter. This makes it possible for authenticated attackers, with Ad
The Elementor plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.30.2 via the Import_Images::import() function due to insufficient controls on the filena
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.9 via the handle_downloads() function due to insufficient fil
The Error Log Viewer by BestWebSoft plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.6 via the rrrlgvwr_get_file function. This makes it possible for
The BFG Tools – Extension Zipper plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.0.7. This is due to insufficient input validation on the user-supplied `fi
The Simple CSV Table plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.0.1 via the `href` parameter in the `[csv]` shortcode. This is due to insufficien
The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the admin_log_page() function in all versions up to,
The LearnPress Export Import – WordPress extension for LearnPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'delete_migrated_data' functi
The Demo Import Kit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.1.0 via the import functionality. This make
The UserPro - Community and User Profile WordPress Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 5.1.10 via the userpro_fbconnect() function. T
The Restrict File Access plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.2 via the output() function. This makes it possible for authenticated attac
The RSFirewall! plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.1.42 via the get_local_filename() function. This makes it possible for authenticated attack
The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.14.17 via the import/expor
The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the upload_function() function in all
Page 1+ Next →