WordPress Import WP plugin <= 2.14.17 - Unauthenticated Information Exposure vulnerability

Unauthenticated Information Exposure vulnerability discovered by type5afe in WordPress Plugin Import WP versions = 2.14.17...

CVE-2025-12894 Import WP – Export and Import CSV and XML files to WordPress <= 2.14.17 - Unauthenticated Information Exposure

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.14.17 via the import/export functionality and a lack of .htaccess protection. This makes it possible for unauthenticated...

PT-2025-47698

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.14.17 via the import/export functionality and a lack of .htaccess protection. This makes it possible for unauthenticated...

PT-2025-44717

Name of the Vulnerable Software and Affected Versions Import WP – Export and Import CSV and XML files to WordPress plugin versions prior to 2.14.17 Description The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is susceptible to Arbitrary File Read due to...