CVE-2025-12894

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.14.17 via the import/export functionality and a lack of .htaccess protection. This makes it possible for unauthenticated...

WordPress plugin Import WP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An information disclosure vulnerability exists in WordPress Import WP plugin, which stems from a lack of .htaccess protection for the import and export functionality, which can ...

EUVD-2022-24606

Malicious code in bioql PyPI...

CVE-2022-1273

The Import WP WordPress plugin before 2.4.6 does not validate the imported file in some cases, allowing high privilege users such as admin to upload arbitrary files such as PHP, leading to RCE...

CVE-2024-13562

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.14.5 via the uploads directory. This makes it possible for unauthenticated attackers to extract sensitive data stored...

CVE-2024-13562

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.14.5 via the uploads directory. This makes it possible for unauthenticated attackers to extract sensitive data stored...

CVE-2024-13562 Import WP – Export and Import CSV and XML files to WordPress <= 2.14.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.14.5 via the uploads directory. This makes it possible for unauthenticated attackers to extract sensitive data stored...

CVE-2024-13562

The CVE CVE-2024-13562 affects the WordPress plugin Import WP – Export and Import CSV and XML files to WordPress, with all versions up to and including 2.14.5 vulnerable to unauthenticated Sensitive Information Exposure via the uploads directory. The issue allows an unauthenticated attacker to re...

PT-2025-2219 · WordPress · Import Wp

Name of the Vulnerable Software and Affected Versions: Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress versions up to, and including, 2.14.5 Description: The issue allows unauthenticated attackers to extract sensitive data stored insecurely in the...