2 matches found
CVE-2025-1971
creationtimestamp| type| source ---|---|--- 2025-03-22 13:00:44+00:00| seen| Telegram/91xkeRuMSbKQZFHzsWMcWafcMLYpeFaQxLbDakd-mxm6QM 2025-03-22 13:39:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkxtz7k3gi24 2025-03-22 14:33:20+00:00| seen| https://t.me/cvedetector/20868...
CVE-2025-1971 Export and Import Users and Customers <= 2.6.2 - Authenticated (Admin+) PHP Object Injection via form_data Parameter
The Export and Import Users and Customers plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.6.2 via deserialization of untrusted input from the 'formdata' parameter. This makes it possible for authenticated attackers, with Administrator-level acces...