89 matches found
CVE-2025-14627
The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.35. This is due to inadequate validation of the resolved URL after following Bitly shortlink redirects in the uploadfunction method...
CVE-2025-14627
The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.35. This is due to inadequate validation of the resolved URL after following Bitly shortlink redirects in the uploadfunction method...
EUVD-2026-0012
The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.35. This is due to inadequate validation of the resolved URL after following Bitly shortlink redirects in the uploadfunction method...
CVE-2025-14627 WP Import – Ultimate CSV XML Importer for WordPress <= 7.35 - Authenticated (Contributor+) Server-Side Request Forgery via Bitly Shortlink Bypass
The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.35. This is due to inadequate validation of the resolved URL after following Bitly shortlink redirects in the uploadfunction method...
CVE-2025-14627 WP Import – Ultimate CSV XML Importer for WordPress <= 7.35 - Authenticated (Contributor+) Server-Side Request Forgery via Bitly Shortlink Bypass
The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.35. This is due to inadequate validation of the resolved URL after following Bitly shortlink redirects in the uploadfunction method...
CVE-2025-14627
CVE-2025-14627 affects the WP Import – Ultimate CSV XML Importer for WordPress plugin (up to version 7.35). Wordfence reports an SSRF vulnerability: Bitly shortlinks are unrevalidated after unshortening in upload_function(), allowing authenticated attackers with Contributor+ to force the server t...
WordPress WP Import - Ultimate CSV XML Importer for WordPress plugin <= 7.35 - Authenticated (Contributor+) Server-Side Request Forgery via Bitly Shortlink Bypass vulnerability
WordPress WP Import - Ultimate CSV XML Importer for WordPress plugin = 7.35 - Authenticated Contributor+ Server-Side Request Forgery via Bitly Shortlink Bypass vulnerability discovered by WordFence in WordPress Plugin WP Ultimate CSV Importer versions = 7.35...
WordPress plugin WP Import – Ultimate CSV XML Importer 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin WP...
EUVD-2021-2545
Malware in sbrugna...
EUVD-2021-2584
Malware in sbrugna...
EUVD-2024-40105
Malicious code in bioql PyPI...
EUVD-2025-30574
Malicious code in bioql PyPI...
EUVD-2023-57873
Malicious code in bioql PyPI...
EUVD-2025-17193
Malicious code in bioql PyPI...
EUVD-2024-50999
Malicious code in bioql PyPI...
CVE-2025-58231
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bitlydeveloper Bitly wp-bitly allows Stored XSS.This issue affects Bitly: from n/a through = 2.8.0...
CVE-2025-58231
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bitlydeveloper Bitly wp-bitly allows Stored XSS.This issue affects Bitly: from n/a through = 2.8.0...
WordPress Bitly Plugin <= 2.7.4 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin Bitly versions = 2.7.4...
CVE-2025-58231 WordPress Bitly plugin <= 2.8.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bitlydeveloper Bitly wp-bitly allows Stored XSS.This issue affects Bitly: from n/a through = 2.8.0...
CVE-2025-58231
The CVE CVE-2025-58231 affects Bitly’s WordPress plugin (Bitly) up to version 2.7.4. It is a Stored XSS due to Improper Neutralization of Input During Web Page Generation. Product/impact details beyond this description (remediation, patches) are not provided in the documents.