Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9839 matches found

NVD
NVDadded 2019/04/12 7:29 p.m.10 views

CVE-2018-16257

There are multiple XSS vulnerabilities in WP All Import plugin 3.4.9 for WordPress via action=template. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged...

6.1CVSS6.2AI score0.0024EPSS
Exploits0References2
OSV
OSVadded 2019/04/12 7:29 p.m.2 views

CVE-2018-16259

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-settings largefeedlimit. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of b...

6.1CVSS5.8AI score0.0024EPSS
Exploits0References2
Prion
Prionadded 2019/04/12 7:29 p.m.18 views

Design/Logic Flaw

DISPUTED There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-import customtype. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage o...

4.3CVSS6AI score0.0024EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2019/04/12 7:29 p.m.19 views

CVE-2018-16258

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-import customtype. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a...

6.1CVSS6.1AI score0.0024EPSS
Exploits0References2
Prion
Prionadded 2019/04/12 7:29 p.m.20 views

Design/Logic Flaw

DISPUTED There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-settings largefeedlimit. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken...

4.3CVSS6AI score0.0024EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2019/04/12 7:29 p.m.2 views

CVE-2018-16258

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-import customtype. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a...

6.1CVSS5.8AI score0.0024EPSS
Exploits0References2
Prion
Prionadded 2019/04/12 6:29 p.m.14 views

Design/Logic Flaw

DISPUTED There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via Add Filtering OptionsAdd Rule. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage ...

4.3CVSS6AI score0.0024EPSS
Exploits1References2Affected Software1
NVD
NVDadded 2019/04/12 6:29 p.m.13 views

CVE-2018-16256

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via Add Filtering OptionsAdd Rule. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a...

6.1CVSS6.1AI score0.0024EPSS
Exploits1References2
OSV
OSVadded 2019/04/12 6:29 p.m.1 views

CVE-2018-16254

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=options. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in...

6.1CVSS5.8AI score0.00328EPSS
Exploits0References2
NVD
NVDadded 2019/04/12 6:29 p.m.15 views

CVE-2018-16255

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=evaluate. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in...

6.1CVSS6.1AI score0.00328EPSS
Exploits0References2
Prion
Prionadded 2019/04/12 6:29 p.m.12 views

Design/Logic Flaw

DISPUTED There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=options. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged ...

4.3CVSS6AI score0.00328EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2019/04/12 6:29 p.m.0 views

CVE-2018-16256

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via Add Filtering OptionsAdd Rule. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a...

6.1CVSS5.8AI score
Exploits0References2
OSV
OSVadded 2019/04/12 6:29 p.m.3 views

CVE-2018-16255

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=evaluate. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in...

6.1CVSS5.8AI score0.00328EPSS
Exploits0References2
Prion
Prionadded 2019/04/12 6:29 p.m.19 views

Design/Logic Flaw

DISPUTED There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=evaluate. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged...

4.3CVSS6AI score0.00328EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2019/04/12 6:29 p.m.11 views

CVE-2018-16254

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=options. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in...

6.1CVSS6.1AI score0.00328EPSS
Exploits0References2
Cvelist
Cvelistadded 2019/04/12 6:5 p.m.15 views

CVE-2018-16259

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-settings largefeedlimit. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of b...

6AI score0.0024EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2019/04/12 6:5 p.m.11 views

CVE-2018-16259

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-settings largefeedlimit. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of b...

6.1AI score0.0024EPSS
Exploits0References2
CVE
CVEadded 2019/04/12 6:5 p.m.44 views

CVE-2018-16259

CVE-2018-16259 corresponds to XSS in WordPress WP All Import plugin v3.4.9 via the pmxi-admin-settings large_feed_limit. Multiple connected sources confirm this as a vulnerability affecting WP All Import 3.4.9, with exploitation requiring administrator authentication (logged-in admin). Root cause...

6.1CVSS5.9AI score0.0024EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2019/04/12 6:3 p.m.24 views

CVE-2018-16258

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-import customtype. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a...

6AI score0.0024EPSS
Exploits0References2
CVE
CVEadded 2019/04/12 6:3 p.m.37 views

CVE-2018-16258

There is an XSS vulnerability in WordPress WP All Import plugin 3.4.9 triggered via the pmxi-admin-import custom_type. The issue is gated by the fact that WP All Import requires an administrator login, and the action can only be performed by an admin, with the vendor disputing that this constitut...

6.1CVSS6AI score0.0024EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder