Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 11:7 p.m.10 views

CVE-2022-1565

The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wpallimportgetgz.php file in versions up to, and including, 3.6.7. This makes it possible for authenticated attackers, with administrator level permissions and above, to upload arbitrary...

7.2CVSS7.5AI score0.11344EPSS
Exploits4References1
GithubExploit
GithubExploit
added 2024/06/21 11:8 a.m.427 views

Exploit for Unrestricted Upload of File with Dangerous Type in Wpallimport Wp_All_Import

WordPress Plugin WP All Import = 3.6.7 - Thực thi mã từ xa R...

7.2CVSS7.1AI score0.11344EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/03/30 12:0 a.m.282 views

WordPress WP All Import 3.6.7 Remote Code Execution

Exploit Title: WP All Import v3.6.7 - Remote Code Execution RCE Authenticated Date: 11/05/2022 Exploit Author: AkuCyberSec https://github.com/AkuCyberSec Vendor Homepage: https://www.wpallimport.com/ Software Link: https://wordpress.org/plugins/wp-all-import/advanced/ scroll down to select the...

7.2CVSS7AI score0.11344EPSS
Exploits4
0day.today
0day.today
added 2023/03/29 12:0 a.m.272 views

WordPress WP All Import v3.6.7 - Remote Code Execution Exploit

Exploit Title: WP All Import v3.6.7 - Remote Code Execution RCE Authenticated Exploit Author: AkuCyberSec https://github.com/AkuCyberSec Vendor Homepage: https://www.wpallimport.com/ Software Link: https://wordpress.org/plugins/wp-all-import/advanced/ scroll down to select the version Version: =...

7.2CVSS7AI score0.11344EPSS
Exploits4
OpenVAS
OpenVAS
added 2022/07/19 12:0 a.m.14 views

WordPress Import any XML or CSV File to WordPress Plugin < 3.6.8 RCE Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

7.2CVSS7AI score0.11344EPSS
Exploits4References1
Circl
Circl
added 2022/07/18 8:39 p.m.25 views

CVE-2022-1565

creationtimestamp| type| source ---|---|--- 2022-07-18 20:39:52+00:00| seen| https://t.me/cibsecurity/46478 2023-03-29 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/51122...

7.2CVSS6.9AI score0.11344EPSS
Exploits4References2
NVD
NVD
added 2022/07/18 5:15 p.m.45 views

CVE-2022-1565

The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wpallimportgetgz.php file in versions up to, and including, 3.6.7. This makes it possible for authenticated attackers, with administrator level permissions and above, to upload arbitrary...

7.2CVSS0.11344EPSS
Exploits4References3
Vulnrichment
Vulnrichment
added 2022/07/18 12:0 a.m.12 views

CVE-2022-1565

The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wpallimportgetgz.php file in versions up to, and including, 3.6.7. This makes it possible for authenticated attackers, with administrator level permissions and above, to upload arbitrary...

7.2CVSS7.2AI score0.11344EPSS
Exploits4References3
CVE
CVE
added 2022/07/18 12:0 a.m.110 views

CVE-2022-1565

CVE-2022-1565 affects WP All Import for WordPress (versions up to 3.6.7). The vulnerability stems from missing file type validation in wp_all_import_get_gz.php, allowing authenticated administrators to upload arbitrary files to the server, with potential remote code execution. Public references i...

7.2CVSS7.2AI score0.11344EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder