Lucene search
K

161 matches found

CVE
CVE
added 2026/06/26 2:53 p.m.15 views

CVE-2026-57628

CVE-2026-57628 : Concrete details across connected sources show an Admin SQL Injection vulnerability in the WordPress WP All Import plugin, versions

7.6CVSS5.8AI score0.00279EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:53 p.m.4 views

EUVD-2026-39744

Administrator SQL Injection in WP All Import = 4.0.1 versions...

7.6CVSS5.8AI score0.00279EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.38 views

CVE-2026-57628 WordPress WP All Import plugin <= 4.0.1 - SQL Injection vulnerability

Administrator SQL Injection in WP All Import = 4.0.1 versions...

7.6CVSS0.00279EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/26 12:18 p.m.5 views

WordPress WP All Import plugin <= 4.0.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin WP All Import versions = 4.0.1...

7.6CVSS5.8AI score0.00279EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.23 views

PT-2026-52799

Administrator SQL Injection in WP All Import = 4.0.1 versions...

7.6CVSS5.8AI score0.00279EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/03/06 8:46 a.m.7 views

WordPress WP All Import plugin <= 4.0.0 - Reflected Cross-Site Scripting via 'filepath' vulnerability

Reflected Cross-Site Scripting via 'filepath' vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - cyberdogzmarketing.com | krei.dev | ogbuilders.io in WordPress Plugin WP All Import versions = 4.0.0...

6.1CVSS5.8AI score0.00215EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/03/06 8:16 a.m.9 views

CVE-2026-2830

The WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘filepath’ parameter in all versions up to, and including, 4.0.0 due to insufficient input sanitization and output escaping. This makes it possib...

6.1CVSS0.00215EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/06 7:22 a.m.5 views

CVE-2026-2830 WP All Import <= 4.0.0 - Reflected Cross-Site Scripting via 'filepath'

The WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘filepath’ parameter in all versions up to, and including, 4.0.0 due to insufficient input sanitization and output escaping. This makes it possib...

6.1CVSS5.9AI score0.00215EPSS
Exploits0References5
CVE
CVE
added 2026/03/06 7:22 a.m.24 views

CVE-2026-2830

WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets (WordPress plugin) is listed as vulnerable to Reflected Cross-Site Scripting via the ‘filepath’ parameter in versions up to and including 4.0.0 due to insufficient input sanitization and output escaping. The CVE notes unauthen...

6.1CVSS5.9AI score0.00215EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/06 7:22 a.m.33 views

CVE-2026-2830 WP All Import <= 4.0.0 - Reflected Cross-Site Scripting via 'filepath'

The WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘filepath’ parameter in all versions up to, and including, 4.0.0 due to insufficient input sanitization and output escaping. This makes it possib...

6.1CVSS0.00215EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/06 12:0 a.m.16 views

WordPress plugin WP All Import 代码注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.1CVSS6AI score0.00215EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/02/05 9:13 p.m.8 views

WordPress WP All Import plugin < 3.7.3 - Admin+ Arbitrary File Upload to RCE vulnerability

Admin+ Arbitrary File Upload to RCE vulnerability discovered by quangnt in WordPress Plugin WP All Import versions 3.7.3...

7.2CVSS5.4AI score0.01231EPSS
Exploits2References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 10:34 a.m.8 views

CVE-2017-18567

The wp-all-import plugin before 3.4.6 for WordPress has XSS...

6.1CVSS7.1AI score0.00905EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/12/10 6:50 a.m.170 views

Exploit for CVE-2015-9331

CVE-2015-9331 POC Vulnerability Description CVE-2015-9331...

7.5CVSS7.5AI score0.01428EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/11/14 4:6 a.m.8 views

CVE-2025-12733

The Import any XML, CSV or Excel File to WordPress WP All Import plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.9.6. This is due to the use of eval on unsanitized user-supplied input in the pmxiif function within helpers/functions.php. This mak...

8.8CVSS7.8AI score0.00622EPSS
Exploits0References1
CVE
CVE
added 2025/11/13 3:27 a.m.26 views

CVE-2025-12733

CVE-2025-12733 affects the WordPress plugin Import any XML, CSV or Excel File to WordPress (WP All Import) up to version 3.9.6. The issue is an authenticated (Administrator+) Remote Code Execution via crafted import templates, caused by the use of eval() on unsanitized input in pmxi_if within hel...

8.8CVSS7.7AI score0.00622EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/11/12 11:21 p.m.9 views

WordPress Import any XML, CSV or Excel File to WordPress (WP All Import) plugin <= 3.9.6 - Authenticated (Administrator+) Remote Code Execution via Conditional Logic vulnerability

Authenticated Administrator+ Remote Code Execution via Conditional Logic vulnerability discovered by tmrswrr in WordPress Plugin WP All Import versions = 3.9.6...

8.8CVSS7.2AI score0.00622EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-13514

Malware in sbrugna...

6.1CVSS6.3AI score0.00905EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-1363

Malware in sbrugna...

6.1CVSS6.2AI score0.01537EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2018-1364

Malware in sbrugna...

6.1CVSS6.2AI score0.01537EPSS
Exploits0References4
Rows per page
Query Builder