8 matches found
WordPress CSV Mass Importer plugin <= 1.2 - Admin+ Arbitrary File Upload vulnerability
Admin+ Arbitrary File Upload vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin CSV Mass Importer versions = 1.2...
CVE-2025-4190
The CSV Mass Importer WordPress plugin through 1.2 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to for example in multisite setup...
CVE-2025-4190
The CSV Mass Importer WordPress plugin through 1.2 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to for example in multisite setup...
CVE-2025-4190
CVE-2025-4190 affects the WordPress plugin CSV Mass Importer (v ≤ 1.2). The issue is improper validation of uploaded files, allowing high-privilege users (e.g., admins) to upload arbitrary files on the server (notably in multisite setups). Several sources confirm an admin+ arbitrary file upload v...
CVE-2025-4190 CSV Mass Importer <= 1.2 - Admin+ Arbitrary File Upload
The CSV Mass Importer WordPress plugin through 1.2 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to for example in multisite setup...
Exploit for CVE-2025-4190
CVE-2025-4190 — WordPress CSV Mass Importer ≤ 1.2 Arbitrary Fi...
CVE-2025-4190
creationtimestamp| type| source ---|---|--- 2025-05-07 17:00:13+00:00| published-proof-of-concept| Telegram/r84uk1c1f1koqzztiTdxByQ9BLtYAaDiWUWNZ6l8-95JYw 2025-05-17 17:01:22+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpezaghntdj2...
Exploit for CVE-2025-4190
CVE-2025-4190 — WordPress CSV Mass Importer ≤ 1.2 Arbitrary Fi...