6 matches found
CVE-2022-3418
The Import any XML or CSV File to WordPress plugin before 3.6.9 is not properly filtering which file extensions are allowed to be imported on the server, which could allow administrators in multi-site WordPress installations to upload arbitrary files...
WordPress Import any XML or CSV File to WordPress Plugin < 3.6.9 Multiple File Upload Vulnerabilities
The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
CVE-2022-3418
The Import any XML or CSV File to WordPress plugin before 3.6.9 is not properly filtering which file extensions are allowed to be imported on the server, which could allow administrators in multi-site WordPress installations to upload arbitrary files...
CVE-2022-3418 WP All Import < 3.6.9 - Admin+ Arbitrary File Upload to RCE
The Import any XML or CSV File to WordPress plugin before 3.6.9 is not properly filtering which file extensions are allowed to be imported on the server, which could allow administrators in multi-site WordPress installations to upload arbitrary files...
CVE-2022-3418
CVE-2022-3418 affects the WordPress plugin WP All Import, pre-3.6.9, where improper filtering of allowed import file extensions enables administrators in multisite WordPress installations to upload arbitrary files, potentially leading to remote code execution (RCE). Some sources explicitly descri...
CVE-2022-3418 WP All Import < 3.6.9 - Admin+ Arbitrary File Upload to RCE
The Import any XML or CSV File to WordPress plugin before 3.6.9 is not properly filtering which file extensions are allowed to be imported on the server, which could allow administrators in multi-site WordPress installations to upload arbitrary files...