WordPress Import any XML or CSV File to WordPress plugin <= 3.6.7 - Authenticated Arbitrary Code Execution vulnerability

2022-06-2800:00:00

Universe (Patchstack Alliance)

patchstack.com

0.001 Low

EPSS

Percentile

47.3%

JSON

Authenticated Arbitrary Code Execution vulnerability discovered by Universe (Patchstack Alliance) in WordPress Import any XML or CSV File to WordPress plugin (versions <= 3.6.7).

Solution

           Update the WordPress Import any XML or CSV File to WordPress plugin to the latest available version (at least 3.6.8).

CPENameOperatorVersion
import any xml or csv file to wordpressle3.6.7

CPE	Name	Operator	Version
	import any xml or csv file to wordpress	le	3.6.7

0.001 Low

EPSS

Percentile

47.3%

JSON

Related for PATCHSTACK:33BCB15434633864D6CAF1B404F07E42