EUVD-2025-210228

Unauthenticated Arbitrary File Upload in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...

CVE-2026-5721 wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin <= 6.5.0.4 - Unauthenticated Stored Cross-Site Scripting via CSV/Excel Data Import

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.5.0.4. This is due to insufficient input sanitization and output escaping in the prepareCellOutput method of the...

EUVD-2026-10370

Misskey is an open source, federated social media platform. All Misskey servers running versions 10.93.0 and later, but prior to 2026.3.1, contain a vulnerability that allows importing other users' data due to lack of ownership validation. The impact of this vulnerability is estimated to be...

EUVD-2026-10369

Misskey is an open source, federated social media platform. All Misskey servers running versions 10.93.0 and later, but prior to 2026.3.1, contain a vulnerability that allows importing other users' data due to lack of ownership validation. The impact of this vulnerability is estimated to be...

PT-2026-24122

Name of the Vulnerable Software and Affected Versions Misskey versions 10.93.0 through 2026.3.0 Description Misskey is a federated social media platform. A flaw exists that allows importing data belonging to other users because of insufficient ownership validation. The potential impact is...

CVE-2024-55089

Rhymix before 2.1.24 is vulnerable to Server-Side Request Forgery SSRF in the background import data function because XML documents may contain external entities...

CVE-2019-15821

The bold-page-builder plugin before 2.3.2 for WordPress has no protection against modifying settings and importing data...

CVE-2024-55089

Rhymix 2.1.19 is vulnerable to Server-Side Request Forgery (SSRF) in the background import data function. The issue’s affected component is Rhymix (CMS/framework), with the root cause being insecure handling of server-side requests during the import process. Reported impact includes potential una...

The vulnerability of the data import function in the 1C8 CMS system’s Netcat module stems from deficiencies in the authentication process. This allows attackers to bypass the HTTP Basic authentication process and gain unauthorized access to the data import function of 1C.

The vulnerability of the automatic data import function in the 1C8 CMS system’s Netcat component is related to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker to bypass the HTTP Basic authentication process and gain unauthorized access to the data impo...

The vulnerability of the Data Import component of the Oracle Agile Product Lifecycle Management for Process application allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Data Import component of the Oracle Agile Product Lifecycle Management for Process application is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker operating remotely to gain unauthorized access to protected information...

CVE-2019-15821

The bold-page-builder plugin before 2.3.2 for WordPress has no protection against modifying settings and importing data...