Lucene search
K

47 matches found

NVD
NVD
added 2024/10/11 1:15 p.m.20 views

CVE-2024-7514

The WordPress Comments Import & Export plugin for WordPress is vulnerable to to arbitrary file read due to insufficient file path validation during the comments import process, in versions up to, and including, 2.3.7. This makes it possible for authenticated attackers, with Author-level access an...

6.5CVSS0.01039EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2024/10/11 10:43 a.m.87 views

Exploit for CVE-2024-7514

CVE-2024-7514 WordPress Comments Import & Export = 2.3...

6.5CVSS9.2AI score0.01039EPSS
Exploits1
CVE
CVE
added 2024/10/11 8:30 a.m.57 views

CVE-2024-7514

Summary: CVE-2024-7514 affects WordPress plugin WordPress Comments Import & Export (

6.5CVSS6.5AI score0.01039EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/10/11 8:30 a.m.18 views

CVE-2024-7514 WordPress Comments Import & Export <= 2.3.7 - Authenticated (Author+) Arbitrary File Read via Directory Traversal

The WordPress Comments Import & Export plugin for WordPress is vulnerable to to arbitrary file read due to insufficient file path validation during the comments import process, in versions up to, and including, 2.3.7. This makes it possible for authenticated attackers, with Author-level access an...

6.5CVSS6.5AI score0.01039EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/10/11 12:0 a.m.12 views

WordPress plugin Comments Import & Export 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A path traversal vulnerability exists...

6.5CVSS6.4AI score0.01039EPSS
Exploits1References3
Patchstack
Patchstack
added 2024/10/10 8:28 p.m.10 views

WordPress WordPress Comments Import & Export plugin <= 2.3.7 - Authenticated (Author+) Arbitrary File Read via Directory Traversal vulnerability

Authenticated Author+ Arbitrary File Read via Directory Traversal vulnerability discovered by scottaglia in WordPress Plugin Comments Import & Export versions = 2.3.7...

6.5CVSS5.4AI score0.01039EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/10/10 12:0 a.m.15 views

WordPress WordPress Comments Import & Export Plugin <= 2.3.7 is vulnerable to Directory Traversal

Software WordPress Comments Import & Export Type Plugin Vulnerable versions = 2.3.7 Fixed in 2.3.9 OWASP Top 10 A3: Injection Classification Directory Traversal CVE CVE-2024-7514 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID 06055d28d8b6 Credits scottaglia Required...

6.5CVSS6.8AI score0.01039EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2024/04/12 1:15 p.m.28 views

CVE-2024-31235

Cross-Site Request Forgery CSRF vulnerability in WebToffee WordPress Comments Import & Export.This issue affects WordPress Comments Import & Export: from n/a through 2.3.5...

4.3CVSS4.6AI score0.00227EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/12 1:1 p.m.22 views

CVE-2024-31235 WordPress Comments Import & Export plugin <= 2.3.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in WebToffee WordPress Comments Import & Export.This issue affects WordPress Comments Import & Export: from n/a through 2.3.5...

4.3CVSS5AI score0.00227EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/12 12:0 a.m.9 views

WordPress Plugin WordPress Comments Import & Export 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin WordPress Comments Import & Export A cross-site request...

4.3CVSS8.3AI score0.00227EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/04/05 5:12 a.m.3 views

WordPress Comments Import & Export plugin <= 2.3.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin WordPress Comments Import & Export versions = 2.3.5...

4.3CVSS7AI score0.00227EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/05 12:0 a.m.11 views

WordPress WordPress Comments Import & Export Plugin <= 2.3.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software WordPress Comments Import & Export Type Plugin Vulnerable versions = 2.3.5 Fixed in 2.3.6 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31235 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8fb386b6b6f3 Credits...

4.3CVSS6.6AI score0.00227EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/11/07 5:15 p.m.26 views

CVE-2022-45370

Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee WordPress Comments Import & Export.This issue affects WordPress Comments Import & Export: from n/a through 2.3.1...

9.8CVSS0.00847EPSS
Exploits0References1
Prion
Prion
added 2023/11/07 5:15 p.m.16 views

Input validation

Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee WordPress Comments Import & Export.This issue affects WordPress Comments Import & Export: from n/a through 2.3.1...

7.5CVSS7AI score0.00847EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/07 4:56 p.m.5 views

CVE-2022-45370 WordPress WordPress Comments Import & Export plugin <= 2.3.1 - CSV Injection

A vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce.This issue affects Comments Import & Export: from n/a through = 2.3.1...

6.1CVSS8.5AI score0.00847EPSS
Exploits0References1
CVE
CVE
added 2023/11/07 4:56 p.m.94 views

CVE-2022-45370

The CVE CVE-2022-45370 concerns the WebToffee WordPress Comments Import & Export plugin (versions 2.3.1 and earlier). The issue is an improper neutralization of formula elements in CSV files (CSV Injection) when importing/exporting comments, allowing unauthenticated attackers to craft CSV payload...

9.8CVSS8.5AI score0.00847EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/11/07 12:0 a.m.3 views

WordPress Plugin WordPress Comments Import & Export Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

9.8CVSS6.6AI score0.00847EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/02/06 12:0 a.m.14 views

WordPress WordPress Comments Import & Export Plugin <= 2.3.1 is vulnerable to CSV Injection

Software WordPress Comments Import & Export Type Plugin Vulnerable versions = 2.3.1 Fixed in 2.3.2 OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2022-45370 Patch priority Low CVSS severity Low 6.1 Developer Claim ownership PSID aa57ae50e983 Credits Mika Required privilege...

9.8CVSS6.9AI score0.00847EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2020/03/11 12:0 a.m.13 views

WordPress Comments Import & Export plugin <= 2.1.10 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by WordFence in WordPress Comments Import & Export plugin versions = 2.1.10. Solution Update the WordPress Comments Import & Export plugin to the latest available version at least 2.1.11...

3.2AI score
Exploits0References2Affected Software1
exploitpack
exploitpack
added 2018/06/25 12:0 a.m.51 views

WordPress Plugin Comments Import Export 2.0.4 - CSV Injection

WordPress Plugin Comments Import Export 2.0.4 - CSV Injection Exploit Title: Wordpress Plugin Comments Import & Export 2.0.4 - CSV Injection Google Dork: N/A Date: 2018-06-24 Exploit Author: Bhushan B. Patil Software Link: https://wordpress.org/plugins/comments-import-export-woocommerce/ Affected...

6.8CVSS0.05209EPSS
Exploits5
Rows per page
Query Builder