Lucene search
5073 matches found

CNNVD
added 2025/05/17 12:0 a.m. · 5 views

WordPress plugin CSV Mass Importer security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 7.2 · AI score 7.5 · EPSS 0.00489
Exploits 3 · References 3

Positive Technologies
added 2025/05/17 12:0 a.m. · 7 views

PT-2025-21780 · WordPress · Csv Mass Importer

Name of the Vulnerable Software and Affected Versions: CSV Mass Importer WordPress plugin versions 1.2 and earlier Description: The issue concerns the CSV Mass Importer WordPress plugin, which does not properly validate uploaded files. This allows high-privilege users, such as administrators, to...

CVSS 7.2 · AI score 7.5 · EPSS 0.00489
Exploits 3 · References 6

RedhatCVE
added 2025/05/16 3:14 p.m. · 10 views

CVE-2024-56157

iTop is a web-based IT Service Management tool. Prior to versions 3.1.3 and 3.2.1, by filling malicious code in a CSV content, a cross-site scripting attack can be performed when importing this content. The issue is fixed in versions 3.1.3 and 3.2.1. As a workaround, check CSV content before...

CVSS 6.3 · AI score 6.2 · EPSS 0.00226
Exploits 0 · References 1

GithubExploit
added 2025/05/15 3:51 p.m. · 296 views

Exploit for CVE-2025-4190

CVE-2025-4190 — WordPress CSV Mass Importer ≤ 1.2 Arbitrary Fi...

CVSS 7.2 · AI score 8 · EPSS 0.00489
Exploits 3

NVD
added 2025/05/14 3:15 p.m. · 16 views

CVE-2024-56157

iTop is a web-based IT Service Management tool. Prior to versions 3.1.3 and 3.2.1, by filling malicious code in a CSV content, a cross-site scripting attack can be performed when importing this content. The issue is fixed in versions 3.1.3 and 3.2.1. As a workaround, check CSV content before...

CVSS 6.3 · EPSS 0.00226
Exploits 0 · References 1

Vulnrichment
added 2025/05/14 2:40 p.m. · 14 views

CVE-2024-56157 iTop vulnerable to Self XSS in CSV Import

iTop is a web-based IT Service Management tool. Prior to versions 3.1.3 and 3.2.1, by filling malicious code in a CSV content, a cross-site scripting attack can be performed when importing this content. The issue is fixed in versions 3.1.3 and 3.2.1. As a workaround, check CSV content before...

CVSS 6.3 · AI score 6.2 · EPSS 0.00226
Exploits 0 · References 1

Cvelist
added 2025/05/14 2:40 p.m. · 16 views

CVE-2024-56157 iTop vulnerable to Self XSS in CSV Import

iTop is a web-based IT Service Management tool. Prior to versions 3.1.3 and 3.2.1, by filling malicious code in a CSV content, a cross-site scripting attack can be performed when importing this content. The issue is fixed in versions 3.1.3 and 3.2.1. As a workaround, check CSV content before...

CVSS 6.3 · EPSS 0.00226
Exploits 0 · References 1

CVE
added 2025/05/14 2:40 p.m. · 43 views

CVE-2024-56157

Summary: CVE-2024-56157 affects iTop before versions 3.1.3 and 3.2.1, where inserting malicious code into a CSV during import enables a cross-site scripting (XSS) attack. Affected software: iTop (web-based IT Service Management tool; Combodo). Root cause / vector: CSV import accepts unvalidated/m...

CVSS 6.3 · AI score 6 · EPSS 0.00226
Exploits 0 · References 1 · Affected Software 1

OSV
added 2025/05/14 2:40 p.m. · 5 views

CVE-2024-56157 iTop vulnerable to Self XSS in CSV Import

iTop is a web-based IT Service Management tool. Prior to versions 3.1.3 and 3.2.1, by filling malicious code in a CSV content, a cross-site scripting attack can be performed when importing this content. The issue is fixed in versions 3.1.3 and 3.2.1. As a workaround, check CSV content before...

CVSS 6.3 · AI score 6.3 · EPSS 0.00226
Exploits 0 · References 3

Positive Technologies
added 2025/05/14 12:0 a.m. · 4 views

PT-2025-21169 · Itop · Itop

Name of the Vulnerable Software and Affected Versions: iTop versions prior to 3.1.3 and 3.2.1 Description: The issue allows a cross-site scripting attack to be performed when importing malicious CSV content. This can be done by filling malicious code in a CSV content. The estimated number of...

CVSS 6.3 · AI score 5.9 · EPSS 0.00226
Exploits 0 · References 7

RedhatCVE
added 2025/05/13 10:11 p.m. · 16 views

CVE-2025-4546

A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...

CVSS 8.8 · AI score 7.7 · EPSS 0.00532
Exploits 1 · References 1

OSV
added 2025/05/11 8:15 p.m. · 3 views

CVE-2025-4546

A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...

CVSS 8.8 · AI score 5
Exploits 0 · References 4

NVD
added 2025/05/11 8:15 p.m. · 20 views

CVE-2025-4546

A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...

CVSS 8.8 · EPSS 0.00532
Exploits 1 · References 4

Vulnrichment
added 2025/05/11 8:0 p.m. · 5 views

CVE-2025-4546 1Panel-dev MaxKB Knowledge Base Module csv injection

A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...

CVSS 5.8 · AI score 5.2 · EPSS 0.00532
Exploits 1 · References 4

Cvelist
added 2025/05/11 8:0 p.m. · 29 views

CVE-2025-4546 1Panel-dev MaxKB Knowledge Base Module csv injection

A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...

CVSS 5.8 · EPSS 0.00532
Exploits 1 · References 4

CVE
added 2025/05/11 8:0 p.m. · 80 views

CVE-2025-4546

CVE-2025-4546 affects 1Panel-dev MaxKB, specifically the Knowledge Base Module up to version 1.10.7. The issue enables csv injection via an unknown functionality in the Knowledge Base Module, with remote exploitation possible. Upgrading to version 1.10.8 addresses the vulnerability. If applying r...

CVSS 8.8 · AI score 7.5 · EPSS 0.00532
Exploits 1 · References 4 · Affected Software 1

Positive Technologies
added 2025/05/11 12:0 a.m. · 3 views

PT-2025-20668 · Unknown · 1Panel-Dev Maxkb

Name of the Vulnerable Software and Affected Versions: 1Panel-dev MaxKB versions up to 1.10.7 Description: A critical issue was found in the Knowledge Base Module component, leading to csv injection. This issue can be exploited remotely. The estimated number of potentially affected devices...

CVSS 8.8 · AI score 4.8 · EPSS 0.00532
Exploits 1 · References 11

GithubExploit
added 2025/05/07 10:56 a.m. · 483 views

Exploit for CVE-2025-4190

CVE-2025-4190 — WordPress CSV Mass Importer ≤ 1.2 Arbitrary Fi...

CVSS 7.2 · AI score 8 · EPSS 0.00489
Exploits 3

Packet Storm News
added 2025/05/07 12:0 a.m. · 12 views

WordPress CSV Mass Importer 1.2 Shell Upload

WordPress CSV Mass Importer plugin versions 1.2 and below suffer from a remote shell upload vulnerability...

CVSS 7.2 · AI score 7.6 · EPSS 0.00489
Exploits 3

Snyk
added 2025/05/01 6:33 a.m. · 5 views

Deserialization of Untrusted Data

Overview: rtc-tools is a Toolbox for control and optimization of water systems. Affected versions of this package are vulnerable to Deserialization of Untrusted Data through caching in pickle module in csvlookuptablemixin.py. An attacker could potentially execute arbitrary code by exploiting the...

CVSS 9.8 · AI score 8.1
Exploits 0 · References 3