Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/07/14 12:20 p.m.13 views

CVE-2020-36849

The AIT CSV import/export plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /wp-content/plugins/ait-csv-import-export/admin/upload-handler.php file in versions up to, and including, 3.0.3. This makes it possible for unauthorized attackers to...

9.8CVSS7.5AI score0.04655EPSS
Exploits2References1
NVD
NVD
added 2025/07/12 12:15 p.m.7 views

CVE-2020-36849

The AIT CSV import/export plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /wp-content/plugins/ait-csv-import-export/admin/upload-handler.php file in versions up to, and including, 3.0.3. This makes it possible for unauthorized attackers to...

9.8CVSS0.04655EPSS
Exploits2References6
Vulnrichment
Vulnrichment
added 2025/07/12 11:23 a.m.8 views

CVE-2020-36849 AIT CSV import/export <= 3.0.3 - Unauthenticated Arbitrary File Upload

The AIT CSV import/export plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /wp-content/plugins/ait-csv-import-export/admin/upload-handler.php file in versions up to, and including, 3.0.3. This makes it possible for unauthorized attackers to...

9.8CVSS8.1AI score0.04655EPSS
Exploits2References6
CVE
CVE
added 2025/07/12 11:23 a.m.32 views

CVE-2020-36849

The CVE-2020-36849 entry concerns the AIT CSV import/export plugin for WordPress (versions up to 3.0.3). The root cause is missing file type validation in admin/upload-handler.php, enabling arbitrary file uploads on the vulnerable site and potentially remote code execution. Public references incl...

9.8CVSS7.5AI score0.04655EPSS
Exploits2References6Affected Software1
Rows per page
Query Builder