Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:3 p.m.10 views

CVE-2022-3418

The Import any XML or CSV File to WordPress plugin before 3.6.9 is not properly filtering which file extensions are allowed to be imported on the server, which could allow administrators in multi-site WordPress installations to upload arbitrary files...

7.2CVSS6.9AI score0.01104EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2022/11/08 12:0 a.m.16 views

WordPress Import any XML or CSV File to WordPress Plugin < 3.6.9 Multiple File Upload Vulnerabilities

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

7.2CVSS7AI score0.03187EPSS
Exploits4References2
NVD
NVD
added 2022/11/07 10:15 a.m.19 views

CVE-2022-3418

The Import any XML or CSV File to WordPress plugin before 3.6.9 is not properly filtering which file extensions are allowed to be imported on the server, which could allow administrators in multi-site WordPress installations to upload arbitrary files...

7.2CVSS0.01104EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2022/11/07 12:0 a.m.9 views

CVE-2022-3418 WP All Import < 3.6.9 - Admin+ Arbitrary File Upload to RCE

The Import any XML or CSV File to WordPress plugin before 3.6.9 is not properly filtering which file extensions are allowed to be imported on the server, which could allow administrators in multi-site WordPress installations to upload arbitrary files...

7.2AI score0.01104EPSS
Exploits2References1
CVE
CVE
added 2022/11/07 12:0 a.m.83 views

CVE-2022-3418

CVE-2022-3418 affects the WordPress plugin WP All Import, pre-3.6.9, where improper filtering of allowed import file extensions enables administrators in multisite WordPress installations to upload arbitrary files, potentially leading to remote code execution (RCE). Some sources explicitly descri...

7.2CVSS7AI score0.01104EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/11/07 12:0 a.m.23 views

CVE-2022-3418 WP All Import < 3.6.9 - Admin+ Arbitrary File Upload to RCE

The Import any XML or CSV File to WordPress plugin before 3.6.9 is not properly filtering which file extensions are allowed to be imported on the server, which could allow administrators in multi-site WordPress installations to upload arbitrary files...

7.2AI score0.01104EPSS
Exploits2References1
Rows per page
Query Builder