WordPress WP All Import Pro plugin < 4.9.8 - Authenticated (Administrator+) PHP Object Injection via Import File vulnerability
Authenticated Administrator+ PHP Object Injection via Import File vulnerability discovered by ? in WordPress Plugin WP All Import Pro versions 4.9.8...