47 matches found
WordPress LJ comments import: reloaded plugin <= 0.97.1 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin LJ comments import: reloaded versions = 0.97.1...
CVE-2026-8624
The LJ comments import: reloaded plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PHPSELF Parameter in all versions up to, and including, 0.97.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2026-8624 LJ comments import: reloaded <= 0.97.1 - Reflected Cross-Site Scripting via PHP_SELF Parameter
The LJ comments import: reloaded plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PHPSELF Parameter in all versions up to, and including, 0.97.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
EUVD-2026-31015
The LJ comments import: reloaded plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PHPSELF Parameter in all versions up to, and including, 0.97.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2026-32441
Missing Authorization vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comments Import & Export: from n/a through = 2.4.9...
EUVD-2026-15821
Missing Authorization vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comments Import & Export: from n/a through = 2.4.9...
CVE-2026-32441
Missing Authorization vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comments Import & Export: from n/a through = 2.4.9...
CVE-2026-32441 WordPress Comments Import & Export plugin <= 2.4.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comments Import & Export: from n/a through = 2.4.9...
CVE-2026-32441
Missing Authorization vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comments Import & Export: from n/a through = 2.4.9...
CVE-2026-32441
CVE-2026-32441 is a Missing Authorization vulnerability in the WordPress plugin Comments Import & Export for WooCommerce, affecting versions up to and including 2.4.9. Connected sources confirm the issue type but do not provide exploit vectors, exact root cause, or a published fix in the supplied...
CVE-2026-32441 WordPress Comments Import & Export plugin <= 2.4.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comments Import & Export: from n/a through = 2.4.9...
WordPress plugin Comments Import & Export 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
PT-2026-27997
Name of the Vulnerable Software and Affected Versions WebToffee Comments Import & Export versions n/a through 2.4.9 Description An authorization issue exists in WebToffee Comments Import & Export comments-import-export-woocommerce. The issue involves exploiting incorrectly configured access contr...
WordPress Comments Import & Export plugin <= 2.4.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Jitlada in WordPress Plugin Comments Import & Export versions = 2.4.9...
EUVD-2018-3555
Malware in sbrugna...
EUVD-2024-29131
Malicious code in bioql PyPI...
CVE-2025-3919 WordPress Comments Import & Export <= 2.4.3 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting
The WordPress Comments Import & Export plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the savesettings function in all versions up to, and including, 2.4.3. Additionally, the plugin fails to properly sanitize and escape FTP settings...
WordPress plugin Comments Import & Export Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2024-31235
Cross-Site Request Forgery CSRF vulnerability in WebToffee WordPress Comments Import & Export.This issue affects WordPress Comments Import & Export: from n/a through 2.3.5...
CVE-2022-45370
Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee WordPress Comments Import & Export.This issue affects WordPress Comments Import & Export: from n/a through 2.3.1...