6 matches found
CVE-2025-2008
The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the importsinglepostascsv function in all versions up to, and including, 7.19. This makes it possible for authenticated attackers, with...
CVE-2025-2008
creationtimestamp| type| source ---|---|--- 2025-04-01 07:48:26+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114261603503504354 2025-04-01 07:48:26+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114261603503504354...
CVE-2025-2008
The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the importsinglepostascsv function in all versions up to, and including, 7.19. This makes it possible for authenticated attackers, with...
CVE-2025-2008 Import Export Suite for CSV and XML Datafeed <= 7.19 - Authenticated (Subscriber+) Arbitrary File Upload
The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the importsinglepostascsv function in all versions up to, and including, 7.19. This makes it possible for authenticated attackers, with...
CVE-2025-2008 Import Export Suite for CSV and XML Datafeed <= 7.19 - Authenticated (Subscriber+) Arbitrary File Upload
The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the importsinglepostascsv function in all versions up to, and including, 7.19. This makes it possible for authenticated attackers, with...
CVE-2025-2008
CVE-2025-2008 affects the Import Export Suite for CSV and XML Datafeed WordPress plugin. The vulnerability allows authenticated users with Subscriber+ privileges to upload arbitrary files due to missing file-type validation in import_single_post_as_csv(), across all versions up to 7.19. This can ...