Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5078 matches found

0day.today
0day.todayadded 2019/08/26 12:0 a.m.45 views

WordPress Import Export WordPress Users 1.3.1 Plugin - CSV Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Import Export WordPress Users = 1.3.1 - CSV Injection Exploit Author: Javier Olmedo Contact: @jjavierolmedo Website: https://sidertia.com Google Dork:...

6CVSS0.2AI score0.05141EPSS
Exploits5
exploitpack
exploitpackadded 2019/08/26 12:0 a.m.20 views

WordPress Plugin Import Export WordPress Users 1.3.1 - CSV Injection

WordPress Plugin Import Export WordPress Users 1.3.1 - CSV Injection Exploit Title: Wordpress Plugin Import Export WordPress Users = 1.3.1 - CSV Injection Exploit Author: Javier Olmedo Contact: @jjavierolmedo Website: https://sidertia.com Date: 2018-08-22 Google Dork:...

6CVSS0.05141EPSS
Exploits5
Exploit DB
Exploit DBadded 2019/08/26 12:0 a.m.519 views

WordPress Plugin Import Export WordPress Users 1.3.1 - CSV Injection

Exploit Title: Wordpress Plugin Import Export WordPress Users = 1.3.1 - CSV Injection Exploit Author: Javier Olmedo Contact: @jjavierolmedo Website: https://sidertia.com Date: 2018-08-22 Google Dork: inurl:"/wp-content/plugins/users-customers-import-export-for-wp-woocommerce" Vendor: WebToffee...

7.3CVSS7.4AI score0.05141EPSS
Exploits5
OSV
OSVadded 2019/08/23 9:15 p.m.2 views

CVE-2019-15092

The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the userurl, displayname, firstname, and lastname columns in an exported CSV file created by the WFCustomerImpExpCsvExporter class...

7.3CVSS7.1AI score0.05141EPSS
Exploits5References3
NVD
NVDadded 2019/08/23 9:15 p.m.18 views

CVE-2019-15092

The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the userurl, displayname, firstname, and lastname columns in an exported CSV file created by the WFCustomerImpExpCsvExporter class...

7.3CVSS7.4AI score0.05141EPSS
Exploits5References3
Prion
Prionadded 2019/08/23 9:15 p.m.12 views

Design/Logic Flaw

The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the userurl, displayname, firstname, and lastname columns in an exported CSV file created by the WFCustomerImpExpCsvExporter class...

6CVSS7.3AI score0.05141EPSS
Exploits5References3Affected Software1
Cvelist
Cvelistadded 2019/08/23 8:51 p.m.23 views

CVE-2019-15092

The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the userurl, displayname, firstname, and lastname columns in an exported CSV file created by the WFCustomerImpExpCsvExporter class...

7.3AI score0.05141EPSS
Exploits5References3
CVE
CVEadded 2019/08/23 8:51 p.m.167 views

CVE-2019-15092

The CVE-2019-15092 entry concerns the WebToffee WordPress plugin “Users & WooCommerce Customers Import Export” (WordPress plugin). Affected version: 1.3.0 of the plugin allows CSV injection in exported files via the WF_CustomerImpExpCsv_Exporter class, specifically in the user_url, display_name, ...

7.3CVSS7.3AI score0.05141EPSS
Exploits5References3Affected Software1
CNVD
CNVDadded 2019/08/23 12:0 a.m.1 views

WordPress import-users-from-csv-with-meta plugin cross-site scripting vulnerability (CNVD-2020-22384)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. import-users-from-csv-with-meta is a user data import plugin used in it. A cross-site scripting vulnerability exists in the WordPress...

6.1CVSS6.3AI score0.00917EPSS
Exploits0References1
CNVD
CNVDadded 2019/08/23 12:0 a.m.4 views

WordPress users-customers-import-export-for-wp-woocommerce plugin CSV injection vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. users-customers-import-export-for-wp-woocommerce is a user import/export plugin used in it. A CSV injection vulnerability exists in th...

7.3CVSS7.1AI score0.05141EPSS
Exploits5References1
Packet Storm
Packet Stormadded 2019/08/23 12:0 a.m.168 views

WordPress Import Export WordPress Users 1.3.1 CSV Injection

Exploit Title: Wordpress Plugin Import Export WordPress Users = 1.3.1 - CSV Injection Exploit Author: Javier Olmedo Contact: @jjavierolmedo Website: https://sidertia.com Date: 2018-08-22 Google Dork: inurl:"/wp-content/plugins/users-customers-import-export-for-wp-woocommerce" Vendor: WebToffee...

7.2AI score0.05141EPSS
Exploits5
OSV
OSVadded 2019/08/22 8:15 p.m.1 views

CVE-2019-15328

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS...

6.1CVSS6.6AI score0.00937EPSS
Exploits0References2
NVD
NVDadded 2019/08/22 8:15 p.m.16 views

CVE-2019-15326

The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal...

7.5CVSS7.7AI score0.0232EPSS
Exploits0References2
NVD
NVDadded 2019/08/22 8:15 p.m.18 views

CVE-2019-15328

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS...

6.1CVSS6.4AI score0.00937EPSS
Exploits0References2
Prion
Prionadded 2019/08/22 8:15 p.m.15 views

Cross site request forgery (csrf)

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF...

6.8CVSS8.7AI score0.00694EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2019/08/22 8:15 p.m.20 views

Cross site scripting

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS...

4.3CVSS6.4AI score0.00937EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2019/08/22 8:15 p.m.13 views

Design/Logic Flaw

The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data...

4.3CVSS6AI score0.00917EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2019/08/22 7:10 p.m.52 views

CVE-2019-15327

The CVE-2019-15327 vulnerability affects the WordPress plugin import-users-from-csv-with-meta (pre-1.14.1.3). The issue is an XSS via data imported into the plugin. Public documents indicate a fix in version 1.14.1.3 (VendorFix). The vulnerability is documented across multiple sources (NVD, Red H...

6.1CVSS6AI score0.00917EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2019/08/22 7:9 p.m.56 views

CVE-2019-15328

The CVE-2019-15328 entry concerns the WordPress plugin import-users-from-csv-with-meta, vulnerable prior to version 1.14.0.3. The issue is a cross-site scripting (XSS) flaw in the plugin, allowing an attacker to execute client-side code. Documented impact indicates the vulnerability affects the p...

6.1CVSS6.9AI score0.00937EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDBadded 2019/08/22 12:0 a.m.18 views

Import Export WordPress Users < 1.3.2 - CSV Injection

The Import Export WordPress Users WordPress plugin was affected by a CSV Injection security vulnerability...

6CVSS2.6AI score0.05141EPSS
Exploits5References2Affected Software1
Rows per page
Query Builder