CVE-2025-14627
CVE-2025-14627 affects the WP Import – Ultimate CSV XML Importer for WordPress plugin (up to version 7.35). Wordfence reports an SSRF vulnerability: Bitly shortlinks are unrevalidated after unshortening in upload_function(), allowing authenticated attackers with Contributor+ to force the server t...