WordPress wp-all-import plugin cross-site scripting vulnerability (CNVD-2019-28650)

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wp-all-import is an XML, CSV file import plugin used in it. A cross-site scripting vulnerability exists in WordPress wp-all-import...

WordPress import-users-from-csv-with-meta plugin cross-site request forgery vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. import-users-from-csv-with-meta is a user data import plugin used in it. A cross-site request forgery vulnerability exists in WordPres...

WordPress import-users-from-csv-with-meta plugin path traversal vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. import-users-from-csv-with-meta is a user data import plugin used in it. A path traversal vulnerability exists in versions of the...

Cisco Integrated Management Controller Buffer Overflow Vulnerability (CNVD-2019-28404)

The Cisco Integrated Management Controller IMC is a baseboard management controller that provides embedded server management for Cisco UCS? C Series rackmount servers and Cisco S Series storage servers. A buffer overflow vulnerability in the "Import Cisco IMC" configuration utility for the Cisco...

WordPress wp-all-import plugin SQL injection vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wp-all-import is an XML, CSV file import plugin used in it. A SQL injection vulnerability exists in the WordPress wp-all-import...

CVE-2019-1871

A vulnerability in the Import Cisco IMC configuration utility of Cisco Integrated Management Controller IMC could allow an authenticated, remote attacker to cause a denial of service DoS condition and implement arbitrary commands with root privileges on an affected device. The vulnerability is du...

CVE-2019-15127

REDCap before 9.3.0 allows XSS attacks against non-administrator accounts on the Data Import Tool page via a CSV data import file...

CVE-2019-15127

REDCap before 9.3.0 allows XSS attacks against non-administrator accounts on the Data Import Tool page via a CSV data import file...

Cross site scripting

REDCap before 9.3.0 allows XSS attacks against non-administrator accounts on the Data Import Tool page via a CSV data import file...

CVE-2019-15127

CVE-2019-15127 affects REDCap prior to 9.3.0. The issue is an XSS vulnerability on the Data Import Tool page, exploitable by a CSV data import file and affecting non-administrator accounts. The description in public records does not specify the underlying root cause or CVE exploit vectors beyond ...

CVE-2019-15127

REDCap before 9.3.0 allows XSS attacks against non-administrator accounts on the Data Import Tool page via a CSV data import file...

WordPress wp-all-import plugin cross-site scripting vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wp-all-import is an XML, CSV file import plugin used in it. A cross-site scripting vulnerability exists in WordPress wp-all-import...

CVE-2018-20978

The wp-all-import plugin before 3.4.7 for WordPress has XSS...

CVE-2018-20978

The wp-all-import plugin before 3.4.7 for WordPress has XSS...

Cross site scripting

The wp-all-import plugin before 3.4.7 for WordPress has XSS...

CVE-2015-9330

The wp-all-import plugin before 3.2.5 for WordPress has blind SQL injection...

CVE-2017-18567

The wp-all-import plugin before 3.4.6 for WordPress has XSS...

CVE-2015-9331

The wp-all-import plugin before 3.2.4 for WordPress has no prevention of unauthenticated requests to adminInit...

CVE-2016-10914

The add-from-server plugin before 3.3.2 for WordPress has CSRF for importing a large file...

CVE-2015-9329

The wp-all-import plugin before 3.2.5 for WordPress has reflected XSS...