44 matches found
PT-2023-29459 · WordPress · Import Xml/Rss Feeds
Name of the Vulnerable Software and Affected Versions: Import XML and RSS Feeds WordPress plugin versions prior to 2.1.5 Description: The issue allows unauthenticated attackers to perform remote code execution RCE due to a web shell in the plugin. This web shell was introduced as a result of a...
WordPress plugin Import XML and RSS Feeds Code Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in th...
WordPress plugin Import XML and RSS Feeds Code Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in th...
PT-2023-28663 · WordPress · Import Xml/Rss Feeds
Name of the Vulnerable Software and Affected Versions: Import XML and RSS Feeds WordPress plugin versions prior to 2.1.4 Description: The issue allows an attacker to upload a malicious PHP file due to a lack of file extension filtering for uploaded files, leading to Remote Code Execution...
CVE-2022-35262
A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...
CVE-2022-35262
A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...
CVE-2022-35262
A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...
PT-2022-22666 · Robustel · Robustel R1510
Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. It can be triggered by a specially-crafted network request, allowing an attacker to send a sequence of...
PT-2022-23345 · WordPress · Soflyy Import Any Xml/Csv File To Wordpress
Name of the Vulnerable Software and Affected Versions: Soflyy Import any XML or CSV File to WordPress plugin versions = 3.6.7 Description: The issue is related to an Authenticated Arbitrary Code Execution vulnerability. This allows for the execution of arbitrary code by an authenticated user...
PT-2022-15625 · WordPress · Import Any Xml/Csv File To Wordpress
Name of the Vulnerable Software and Affected Versions: Import any XML or CSV File to WordPress plugin versions prior to 3.6.8 Description: The issue allows high privilege users, such as admins, to upload arbitrary files, including PHP files, by accepting all zip files and automatically extracting...
Exploit for Server-Side Request Forgery in Mooveagency Import_Xml_And_Rss_Feeds
CVE-2020-24148 Server-side request forgery SSRF in the Impo...
WordPress server-side request forgery vulnerability (CNVD-2021-59066)
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. import-xml-feed of WordPress is vulnerable to server-side request forgery. No detailed vulnerability...
CVE-2020-24148
Server-side request forgery SSRF in the Import XML and RSS Feeds import-xml-feed plugin 2.0.1 for WordPress via the data parameter in a moovereadxml action...
CVE-2020-24148
Server-side request forgery SSRF in the Import XML and RSS Feeds import-xml-feed plugin 2.0.1 for WordPress via the data parameter in a moovereadxml action...
Server side request forgery (ssrf)
Server-side request forgery SSRF in the Import XML and RSS Feeds import-xml-feed plugin 2.0.1 for WordPress via the data parameter in a moovereadxml action...
CVE-2020-24148
The CVE-2020-24148 entry is concrete: WordPress Import XML and RSS Feeds (import-xml-feed) plugin is affected up to version 2.0.1. The flaw is a server-side request forgery (SSRF) via the data parameter in the moove_read_xml action, implemented when the plugin fetches a URL using data as input (v...
CVE-2020-24148
Server-side request forgery SSRF in the Import XML and RSS Feeds import-xml-feed plugin 2.0.1 for WordPress via the data parameter in a moovereadxml action...
WordPress 代码问题漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. import-xml-feed of WordPress is vulnerable to server-side request forgery. No detailed vulnerability...
CVE-2020-35938
PHP Object injection vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action must be...
WordPress Import XML and RSS Feeds plugin <= 2.0.1 - Server-Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability discovered by Suzhou Aurora Infinity Information Technology Co., Ltd. in WordPress Import XML and RSS Feeds plugin versions = 2.0.1. Solution Update the WordPress Import XML and RSS Feeds plugin to the latest available version at least 2.0.2...