CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

28 matches found

Patchstack•added 2026/05/05 9:22 a.m.•6 views

WordPress Import and export users and customers plugin <= 2.0.8 - Authenticated (Subscriber+) Privilege Escalation vulnerability

Authenticated Subscriber+ Privilege Escalation vulnerability discovered by kiemtiendinhau in WordPress Plugin Import and export users and customers versions = 2.0.8...

8.8CVSS5.8AI score0.0003EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/03/24 8:24 a.m.•4 views

WordPress Import and export users and customers plugin <= 1.29.7 - Privilege Escalation to Administrator via save_extra_user_profile_fields vulnerability

Privilege Escalation to Administrator via saveextrauserprofilefields vulnerability discovered by kai63001 in WordPress Plugin Import and export users and customers versions = 1.29.7...

8.1CVSS5.8AI score0.00032EPSS

Exploits1References1Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-15042

Malware in sbrugna...

8CVSS7.8AI score0.01097EPSS

Exploits1References5

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-37625

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.01494EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-3883

Malicious code in bioql PyPI...

5.9CVSS9.2AI score0.00277EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-35080

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00255EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 11:59 a.m.•5 views

CVE-2025-24689

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta allows Retrieve Embedded Sensitive Data.This issue affects Import and export users and customers: from n/a through =...

5.9CVSS7.2AI score0.00277EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:45 a.m.•0 views

CVE-2024-4734

The Import and export users and customers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.26.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS5.9AI score0.00207EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:37 a.m.•3 views

CVE-2024-32817

Deserialization of Untrusted Data vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta.This issue affects Import and export users and customers: from n/a through = 1.26.2...

4.4CVSS5.9AI score0.0011EPSS

Exploits0References1

Patchstack•added 2025/03/24 8:43 a.m.•3 views

WordPress Export and Import Users and Customers plugin <= 2.6.2 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function vulnerability

Directory Traversal to Authenticated Administrator+ Limited Arbitrary File Read via downloadfile Function vulnerability discovered by HayMiz in WordPress Plugin Import Export WordPress Users versions = 2.6.2...

4.9CVSS8.8AI score0.0018EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/01/27 2:22 p.m.•0 views

CVE-2025-24689 WordPress Import and export users and customers plugin 1.27.12 - Sensitive Data Exposure vulnerability

5.9CVSS8.5AI score0.00277EPSS

Exploits0References1

CNNVD•added 2024/10/29 12:0 a.m.•2 views

WordPress plugin Import and export users and customers 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

5.9CVSS6AI score0.0027EPSS

Exploits0References1

Patchstack•added 2024/10/24 7:57 a.m.•1 views

WordPress Import and export users and customers plugin <= 1.27.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by UKO Patchstack Alliance in WordPress Plugin Import and export users and customers versions = 1.27.5...

5.9CVSS6.1AI score0.0027EPSS

Exploits0Affected Software1

Patchstack•added 2024/08/07 9:59 a.m.•4 views

WordPress Import and export users and customers plugin <= 1.26.8 - Sensitive Information via Imported File vulnerability

Sensitive Information via Imported File vulnerability discovered by emad Patchstack Alliance in WordPress Plugin Import and export users and customers versions = 1.26.8...

7.5CVSS7AI score0.01494EPSS

Exploits0Affected Software1

CNNVD•added 2024/06/11 12:0 a.m.•2 views

WordPress plugin Import and export users and customers security vulnerability

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Import...

5.4CVSS6.7AI score0.00255EPSS

Exploits0References3

OSV•added 2024/06/08 5:15 p.m.•1 views

CVE-2024-22151

Missing Authorization vulnerability in Codection Import and export users and customers.This issue affects Import and export users and customers: from n/a through 1.24.6...

5.3CVSS5.8AI score

Exploits0References1

Positive Technologies•added 2024/05/15 12:0 a.m.•1 views

PT-2024-32042 · WordPress · Import/Export Users/Customers Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: Import and export users and customers plugin for WordPress versions up to, and including, 1.26.6.1 Description: The issue arises from insufficient input sanitization and output escaping, allowing authenticated attackers with administrator...

4.4CVSS6.8AI score0.00414EPSS

Exploits0References4

CNNVD•added 2024/05/04 12:0 a.m.•2 views

WordPress plugin Import and export users and customers 安全漏洞

4.3CVSS6.2AI score0.00073EPSS

Exploits0References4

Patchstack•added 2024/04/22 7:21 p.m.•1 views

WordPress Export and Import Users and Customers plugin <= 2.5.3 - Deserialization of untrusted data vulnerability

Deserialization of untrusted data vulnerability discovered by Trình Vũ / Sonicrrrr from VNPT-VCI Patchstack Alliance in WordPress Plugin Import Export WordPress Users versions = 2.5.3...

5.4CVSS7AI score0.00147EPSS

Exploits0Affected Software1

Patchstack•added 2024/04/22 3:49 p.m.•3 views

WordPress Import and export users and customers plugin <= 1.26.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Trình Vũ / Sonicrrrr from VNPT-VCI Patchstack Alliance in WordPress Plugin Import and export users and customers versions = 1.26.2...

4.4CVSS7.3AI score0.0011EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by