CVE-2019-9697

An information disclosure vulnerability in the Management Center MC REST API 2.0, 2.1, and 2.2 prior to 2.2.2.1 allows a malicious authenticated user to obtain passwords for external backup and CPL policy import servers that they might not otherwise be authorized to access...

WordPress Import & Export WordPress Data to CSV < 5.6.1 CSRF Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress Import Export WordPress Users plugin <= 1.3.1 - CSV Injection vulnerability

CSV Injection vulnerability found by Javier Olmedo in WordPress Import Export WordPress Users plugin versions = 1.3.1. Solution Update the WordPress Import Export WordPress Users plugin to the latest available version at least 1.3.2...

WordPress users-customers-import-export-for-wp-woocommerce plugin CSV injection vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. users-customers-import-export-for-wp-woocommerce is a user import/export plugin used in it. A CSV injection vulnerability exists in th...

WordPress import-users-from-csv-with-meta plugin cross-site scripting vulnerability (CNVD-2020-22384)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. import-users-from-csv-with-meta is a user data import plugin used in it. A cross-site scripting vulnerability exists in the WordPress...

CVE-2019-15326

The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal...

CVE-2019-15328

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS...

CVE-2019-15327

The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data...

CVE-2019-15329

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF...

CVE-2019-15327

The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data...

CVE-2019-15326

The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal...

CVE-2019-15328

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS...

Cross site request forgery (csrf)

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF...

Design/Logic Flaw

The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data...

Cross site scripting

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS...

CVE-2019-15327

The CVE-2019-15327 vulnerability affects the WordPress plugin import-users-from-csv-with-meta (pre-1.14.1.3). The issue is an XSS via data imported into the plugin. Public documents indicate a fix in version 1.14.1.3 (VendorFix). The vulnerability is documented across multiple sources (NVD, Red H...

CVE-2019-15328

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS...

CVE-2019-15328

The CVE-2019-15328 entry concerns the WordPress plugin import-users-from-csv-with-meta, vulnerable prior to version 1.14.0.3. The issue is a cross-site scripting (XSS) flaw in the plugin, allowing an attacker to execute client-side code. Documented impact indicates the vulnerability affects the p...

WordPress import-users-from-csv-with-meta plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. import-users-from-csv-with-meta is a user data import plugin used in it. A cross-site scripting vulnerability exists in WordPress...

WordPress wp-all-import plugin security feature issue vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wp-all-import is an XML, CSV file import plugin used in it. WordPress wp-all-import plugin has a security feature issue...