156 matches found
WordPress WP All Import plugin <= 4.0.0 - Reflected Cross-Site Scripting via 'filepath' vulnerability
Reflected Cross-Site Scripting via 'filepath' vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - cyberdogzmarketing.com | krei.dev | ogbuilders.io in WordPress Plugin WP All Import versions = 4.0.0...
CVE-2026-2830
The WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘filepath’ parameter in all versions up to, and including, 4.0.0 due to insufficient input sanitization and output escaping. This makes it possib...
CVE-2026-2830 WP All Import <= 4.0.0 - Reflected Cross-Site Scripting via 'filepath'
The WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘filepath’ parameter in all versions up to, and including, 4.0.0 due to insufficient input sanitization and output escaping. This makes it possib...
CVE-2026-2830
WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets (WordPress plugin) is listed as vulnerable to Reflected Cross-Site Scripting via the ‘filepath’ parameter in versions up to and including 4.0.0 due to insufficient input sanitization and output escaping. The CVE notes unauthen...
CVE-2026-2830 WP All Import <= 4.0.0 - Reflected Cross-Site Scripting via 'filepath'
The WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘filepath’ parameter in all versions up to, and including, 4.0.0 due to insufficient input sanitization and output escaping. This makes it possib...
WordPress plugin WP All Import 代码注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
WordPress WP All Import plugin < 3.7.3 - Admin+ Arbitrary File Upload to RCE vulnerability
Admin+ Arbitrary File Upload to RCE vulnerability discovered by quangnt in WordPress Plugin WP All Import versions 3.7.3...
CVE-2017-18567
The wp-all-import plugin before 3.4.6 for WordPress has XSS...
Exploit for CVE-2015-9331
CVE-2015-9331 POC Vulnerability Description CVE-2015-9331...
CVE-2025-12733
The Import any XML, CSV or Excel File to WordPress WP All Import plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.9.6. This is due to the use of eval on unsanitized user-supplied input in the pmxiif function within helpers/functions.php. This mak...
CVE-2025-12733
CVE-2025-12733 affects the WordPress plugin Import any XML, CSV or Excel File to WordPress (WP All Import) up to version 3.9.6. The issue is an authenticated (Administrator+) Remote Code Execution via crafted import templates, caused by the use of eval() on unsanitized input in pmxi_if within hel...
WordPress Import any XML, CSV or Excel File to WordPress (WP All Import) plugin <= 3.9.6 - Authenticated (Administrator+) Remote Code Execution via Conditional Logic vulnerability
Authenticated Administrator+ Remote Code Execution via Conditional Logic vulnerability discovered by tmrswrr in WordPress Plugin WP All Import versions = 3.9.6...
EUVD-2018-1364
Malware in sbrugna...
EUVD-2018-13514
Malware in sbrugna...
EUVD-2018-1363
Malware in sbrugna...
EUVD-2017-9683
Malware in sbrugna...
EUVD-2024-53887
Malicious code in bioql PyPI...
EUVD-2024-30249
Malicious code in bioql PyPI...
WordPress WP All Import plugin <= 3.9.3 - Authenticated (Admin+) Limited Unsafe File Upload vulnerability
Authenticated Admin+ Limited Unsafe File Upload vulnerability discovered by Nguyen Quang Truong Roll in WordPress Plugin WP All Import versions = 3.9.3...
CVE-2024-32431
Deserialization of Untrusted Data vulnerability in WP All Import Import Users from CSV.This issue affects Import Users from CSV: from n/a through 1.2...