101 matches found
PT-2024-32042 · WordPress · Import/Export Users/Customers Plugin For Wordpress
Name of the Vulnerable Software and Affected Versions: Import and export users and customers plugin for WordPress versions up to, and including, 1.26.6.1 Description: The issue arises from insufficient input sanitization and output escaping, allowing authenticated attackers with administrator...
WordPress Import and export users and customers plugin <= 1.26.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by emad Patchstack Alliance in WordPress Plugin Import and export users and customers versions = 1.26.5...
WordPress plugin Import and export users and customers 安全漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Import...
CVE-2024-32817 WordPress Import and export users and customers plugin <= 1.26.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Import and export users and customers.This issue affects Import and export users and customers: from n/a through 1.26.2...
CVE-2024-32817 WordPress Import and export users and customers plugin <= 1.26.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta.This issue affects Import and export users and customers: from n/a through = 1.26.2...
WordPress Export and Import Users and Customers plugin <= 2.5.3 - Deserialization of untrusted data vulnerability
Deserialization of untrusted data vulnerability discovered by Trình Vũ / Sonicrrrr from VNPT-VCI Patchstack Alliance in WordPress Plugin Import Export WordPress Users versions = 2.5.3...
WordPress Import and export users and customers plugin <= 1.26.2 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Trình Vũ / Sonicrrrr from VNPT-VCI Patchstack Alliance in WordPress Plugin Import and export users and customers versions = 1.26.2...
WordPress Import Export WordPress Users Plugin <= 2.5.3 is vulnerable to Deserialization of untrusted data
Software Import Export WordPress Users Type Plugin Vulnerable versions = 2.5.3 Fixed in 2.5.4 OWASP Top 10 A3: Injection Classification Deserialization of untrusted data CVE CVE-2024-32835 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 18b32b38e523 Credits Trình Vũ...
CVE-2024-30492 WordPress Export and Import Users and Customers plugin <= 2.5.2 - Path Traversal vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WebToffee Import Export WordPress Users.This issue affects Import Export WordPress Users: from n/a through 2.5.2...
WordPress Plugin Import and export users and customers Security Vulnerabilities
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
WordPress Plugin Import and export users and customers Security Vulnerabilities
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
WordPress Import and export users and customers Plugin <= 1.24.3 is vulnerable to Cross Site Scripting (XSS)
Software Import and export users and customers Type Plugin Vulnerable versions = 1.24.3 Fixed in 1.24.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6624 Patch priority Low CVSS severity Low 6.5 Developer Codection PSID 8dfbaad9de1b Credits...
CVE-2023-2447
The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is due to missing or incorrect nonce validation on the 'exportusers' function. This makes it possible for unauthenticated attackers to export the users to a csv file, granted...
CVE-2023-2447
The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is due to missing or incorrect nonce validation on the 'exportusers' function. This makes it possible for unauthenticated attackers to export the users to a csv file, granted...
CVE-2023-2447
The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is due to missing or incorrect nonce validation on the 'exportusers' function. This makes it possible for unauthenticated attackers to export the users to a csv file, granted...
Cross site request forgery (csrf)
The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is due to missing or incorrect nonce validation on the 'exportusers' function. This makes it possible for unauthenticated attackers to export the users to a csv file, granted...
CVE-2023-2447 UserPro <= 5.1.1 - Cross-Site Request Forgery to Sensitive Information Exposure
The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is due to missing or incorrect nonce validation on the 'exportusers' function. This makes it possible for unauthenticated attackers to export the users to a csv file, granted...
CVE-2022-41616
Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya Export Users Data CSV.This issue affects Export Users Data CSV: from n/a through 2.1...
CVE-2022-41616
Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya Export Users Data CSV.This issue affects Export Users Data CSV: from n/a through 2.1...
CVE-2022-41616 WordPress Export Users Data CSV plugin <= 2.1 - Auth. CSV Injection vulnerability
A vulnerability in Kaushik Export Users Data CSV export-users-data-csv.This issue affects Export Users Data CSV: from n/a through = 2.1...