Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/04/03 9:43 a.m.7 views

CVE-2025-2008

The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the importsinglepostascsv function in all versions up to, and including, 7.19. This makes it possible for authenticated attackers, with...

8.8CVSS8AI score0.01105EPSS
Exploits0References1
Circl
Circl
added 2025/04/01 7:48 a.m.10 views

CVE-2025-2008

creationtimestamp| type| source ---|---|--- 2025-04-01 07:48:26+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114261603503504354 2025-04-01 07:48:26+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114261603503504354...

8.8CVSS8AI score0.01105EPSS
Exploits0References1
NVD
NVD
added 2025/04/01 5:15 a.m.16 views

CVE-2025-2008

The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the importsinglepostascsv function in all versions up to, and including, 7.19. This makes it possible for authenticated attackers, with...

8.8CVSS0.01105EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/01 4:21 a.m.27 views

CVE-2025-2008 Import Export Suite for CSV and XML Datafeed <= 7.19 - Authenticated (Subscriber+) Arbitrary File Upload

The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the importsinglepostascsv function in all versions up to, and including, 7.19. This makes it possible for authenticated attackers, with...

8.8CVSS0.01105EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/01 4:21 a.m.8 views

CVE-2025-2008 Import Export Suite for CSV and XML Datafeed <= 7.19 - Authenticated (Subscriber+) Arbitrary File Upload

The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the importsinglepostascsv function in all versions up to, and including, 7.19. This makes it possible for authenticated attackers, with...

8.8CVSS8AI score0.01105EPSS
Exploits0References2
CVE
CVE
added 2025/04/01 4:21 a.m.69 views

CVE-2025-2008

CVE-2025-2008 affects the Import Export Suite for CSV and XML Datafeed WordPress plugin. The vulnerability allows authenticated users with Subscriber+ privileges to upload arbitrary files due to missing file-type validation in import_single_post_as_csv(), across all versions up to 7.19. This can ...

8.8CVSS8AI score0.01105EPSS
Exploits0References3
Rows per page
Query Builder