Lucene search
K

101 matches found

Positive Technologies
Positive Technologies
added 2024/05/15 12:0 a.m.11 views

PT-2024-32042 · WordPress · Import/Export Users/Customers Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: Import and export users and customers plugin for WordPress versions up to, and including, 1.26.6.1 Description: The issue arises from insufficient input sanitization and output escaping, allowing authenticated attackers with administrator...

4.4CVSS6.8AI score0.00255EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/05/09 2:42 p.m.4 views

WordPress Import and export users and customers plugin <= 1.26.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by emad Patchstack Alliance in WordPress Plugin Import and export users and customers versions = 1.26.5...

5.4CVSS7AI score0.00369EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2024/05/04 12:0 a.m.4 views

WordPress plugin Import and export users and customers 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Import...

4.3CVSS6.2AI score0.00431EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/04/24 7:27 a.m.15 views

CVE-2024-32817 WordPress Import and export users and customers plugin <= 1.26.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Import and export users and customers.This issue affects Import and export users and customers: from n/a through 1.26.2...

4.4CVSS6.9AI score0.00373EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/24 7:27 a.m.19 views

CVE-2024-32817 WordPress Import and export users and customers plugin <= 1.26.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta.This issue affects Import and export users and customers: from n/a through = 1.26.2...

4.4CVSS5.1AI score0.00373EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/22 7:21 p.m.7 views

WordPress Export and Import Users and Customers plugin <= 2.5.3 - Deserialization of untrusted data vulnerability

Deserialization of untrusted data vulnerability discovered by Trình Vũ / Sonicrrrr from VNPT-VCI Patchstack Alliance in WordPress Plugin Import Export WordPress Users versions = 2.5.3...

5.4CVSS7AI score0.00361EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/22 3:49 p.m.6 views

WordPress Import and export users and customers plugin <= 1.26.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Trình Vũ / Sonicrrrr from VNPT-VCI Patchstack Alliance in WordPress Plugin Import and export users and customers versions = 1.26.2...

4.4CVSS7.3AI score0.00373EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/22 12:0 a.m.12 views

WordPress Import Export WordPress Users Plugin <= 2.5.3 is vulnerable to Deserialization of untrusted data

Software Import Export WordPress Users Type Plugin Vulnerable versions = 2.5.3 Fixed in 2.5.4 OWASP Top 10 A3: Injection Classification Deserialization of untrusted data CVE CVE-2024-32835 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 18b32b38e523 Credits Trình Vũ...

5.4CVSS6.8AI score0.00361EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/29 3:35 p.m.13 views

CVE-2024-30492 WordPress Export and Import Users and Customers plugin <= 2.5.2 - Path Traversal vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WebToffee Import Export WordPress Users.This issue affects Import Export WordPress Users: from n/a through 2.5.2...

4.3CVSS7.1AI score0.00517EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.5 views

WordPress Plugin Import and export users and customers Security Vulnerabilities

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

7.2CVSS6.6AI score0.00809EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.4 views

WordPress Plugin Import and export users and customers Security Vulnerabilities

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

5.4CVSS5.8AI score0.00352EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/12/11 12:0 a.m.21 views

WordPress Import and export users and customers Plugin <= 1.24.3 is vulnerable to Cross Site Scripting (XSS)

Software Import and export users and customers Type Plugin Vulnerable versions = 1.24.3 Fixed in 1.24.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6624 Patch priority Low CVSS severity Low 6.5 Developer Codection PSID 8dfbaad9de1b Credits...

5.4CVSS5.7AI score0.00352EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/11/22 8:15 a.m.5 views

CVE-2023-2447

The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is due to missing or incorrect nonce validation on the 'exportusers' function. This makes it possible for unauthenticated attackers to export the users to a csv file, granted...

6.1CVSS7.2AI score0.00181EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/11/22 8:15 a.m.2 views

CVE-2023-2447

The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is due to missing or incorrect nonce validation on the 'exportusers' function. This makes it possible for unauthenticated attackers to export the users to a csv file, granted...

6.1CVSS6.8AI score0.00181EPSS
Exploits0References3
NVD
NVD
added 2023/11/22 8:15 a.m.34 views

CVE-2023-2447

The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is due to missing or incorrect nonce validation on the 'exportusers' function. This makes it possible for unauthenticated attackers to export the users to a csv file, granted...

6.1CVSS0.00181EPSS
Exploits0References2
Prion
Prion
added 2023/11/22 8:15 a.m.20 views

Cross site request forgery (csrf)

The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is due to missing or incorrect nonce validation on the 'exportusers' function. This makes it possible for unauthenticated attackers to export the users to a csv file, granted...

5.8CVSS6.7AI score0.00181EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/11/22 7:32 a.m.36 views

CVE-2023-2447 UserPro <= 5.1.1 - Cross-Site Request Forgery to Sensitive Information Exposure

The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is due to missing or incorrect nonce validation on the 'exportusers' function. This makes it possible for unauthenticated attackers to export the users to a csv file, granted...

6.1CVSS6.1AI score0.00181EPSS
Exploits0References2
OSV
OSV
added 2023/11/07 6:15 p.m.3 views

CVE-2022-41616

Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya Export Users Data CSV.This issue affects Export Users Data CSV: from n/a through 2.1...

8.8CVSS5.8AI score0.0082EPSS
Exploits0References1
NVD
NVD
added 2023/11/07 6:15 p.m.13 views

CVE-2022-41616

Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya Export Users Data CSV.This issue affects Export Users Data CSV: from n/a through 2.1...

8.8CVSS0.0082EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/11/07 5:17 p.m.14 views

CVE-2022-41616 WordPress Export Users Data CSV plugin <= 2.1 - Auth. CSV Injection vulnerability

A vulnerability in Kaushik Export Users Data CSV export-users-data-csv.This issue affects Export Users Data CSV: from n/a through = 2.1...

7.6CVSS8AI score0.0082EPSS
Exploits0References1
Rows per page
Query Builder