Lucene search
K

88 matches found

Patchstack
Patchstack
added 2025/01/16 6:42 p.m.4 views

WordPress Import Users to MailChimp plugin <= 1.0 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin Import Users to MailChimp versions = 1.0...

7.1CVSS6.2AI score0.0017EPSS
Exploits0Affected Software1
CVE
CVE
added 2024/10/01 2:36 p.m.58 views

CVE-2024-25632

CVE-2024-25632 affects eLabFTW. A regular user can become an administrator of a team where they are a member under a reasonable configuration, and in versions after v5.0.0 an initially unauthenticated user may gain administrative privileges over an arbitrary team. The vulnerability does not grant...

8.8CVSS8.7AI score0.00385EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/15 7:16 a.m.16 views

CVE-2024-32431 WordPress Import Users from CSV plugin <= 1.2 - PHP Object Injection

Deserialization of Untrusted Data vulnerability in WP All Import Import Users from CSV.This issue affects Import Users from CSV: from n/a through 1.2...

4.4CVSS5.2AI score0.00384EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/15 7:16 a.m.33 views

CVE-2024-32431 WordPress Import Users from CSV plugin <= 1.2 - PHP Object Injection

Deserialization of Untrusted Data vulnerability in WP All Import Import Users from CSV.This issue affects Import Users from CSV: from n/a through 1.2...

4.4CVSS5.1AI score0.00384EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.6 views

WordPress Plugin Import Users from CSV 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Import Users from CSV A co...

7.2CVSS6.8AI score0.00384EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/12 3:14 p.m.5 views

WordPress Import Users from CSV plugin <= 1.2 - PHP Object Injection

PHP Object Injection vulnerability discovered by Trình Vũ Sonicrrrr from VNPT-VCI in WordPress Plugin Import Users from CSV versions = 1.2...

7.2CVSS7.3AI score0.00384EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/12 12:0 a.m.16 views

WordPress Import Users from CSV Plugin <= 1.2 is vulnerable to PHP Object Injection

Software Import Users from CSV Type Plugin Vulnerable versions = 1.2 Fixed in 1.3 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-32431 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID e3f19c84ef38 Credits Trình Vũ Sonicrrrr from VNPT-VCI Require...

7.2CVSS6.8AI score0.00384EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/03/29 12:0 a.m.5 views

WordPress Plugin Export and Import Users and Customers 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

4.3CVSS8AI score0.00517EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.4 views

WordPress Plugin Export and Import Users and Customers Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

7.2CVSS6.8AI score0.01366EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/07/18 2:39 a.m.13 views

CVE-2023-3459 Export and Import Users and Customers <= 2.4.1 - Missing Authorization to Authenticated (Shop Manager) Arbitrary User Password Change

The Export and Import Users and Customers plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'hfupdatecustomer' function called via an AJAX action in versions up to, and including, 2.4.1. This makes it possible for authenticated...

7.2CVSS7.1AI score0.00717EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/07/30 12:0 a.m.14 views

WordPress Import users from CSV with meta Plugin < 1.14.2.2 CSRF Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:codection:importusersfromcsvwithmeta"; ifdescription...

5.7CVSS5.7AI score0.00679EPSS
Exploits1References2
OSV
OSV
added 2022/01/18 5:15 p.m.1 views

UBUNTU-CVE-2021-39892

In all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from projects that they don't have a maintainer role on and disclose email addresses of those users...

4.3CVSS5.8AI score0.01228EPSS
Exploits1References5
CNNVD
CNNVD
added 2021/10/04 12:0 a.m.2 views

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. GitLab CE/EE suffers from a security vulnerability that stems from the...

4.3CVSS5.2AI score0.01228EPSS
Exploits1References5
Patchstack
Patchstack
added 2020/01/06 12:0 a.m.10 views

WordPress Import Users From CSV with Meta plugin 1.15 - Unauthorised Authenticated Users Export vulnerability

Unauthorised Authenticated Users Export vulnerability found in WordPress Import Users From CSV with Meta plugin version 1.15. Solution Update WordPress Import Users From CSV with Meta plugin to the latest available version at least 1.15.0.1...

3.6AI score
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2019/09/16 12:0 a.m.21 views

WordPress Import users from CSV with meta Plugin < 1.14.1.3 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.113522";...

6.1CVSS6.3AI score0.00913EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2019/09/16 12:0 a.m.17 views

WordPress Import users from CSV with meta Plugin < 1.14.0.3 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.113521";...

8.8CVSS7AI score0.00932EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2019/09/16 12:0 a.m.24 views

WordPress Import users from CSV with meta Plugin < 1.14.2.1 Directory Traversal Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.113523";...

7.5CVSS7.6AI score0.0232EPSS
Exploits0References2
CNVD
CNVD
added 2019/08/23 12:0 a.m.2 views

WordPress import-users-from-csv-with-meta plugin cross-site scripting vulnerability (CNVD-2020-22384)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. import-users-from-csv-with-meta is a user data import plugin used in it. A cross-site scripting vulnerability exists in the WordPress...

6.1CVSS6.3AI score0.00913EPSS
Exploits0References1
OSV
OSV
added 2019/08/22 8:15 p.m.3 views

CVE-2019-15327

The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data...

6.1CVSS6.3AI score0.00913EPSS
Exploits0References1
NVD
NVD
added 2019/08/22 8:15 p.m.17 views

CVE-2019-15326

The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal...

7.5CVSS7.7AI score0.0232EPSS
Exploits0References2
Rows per page
Query Builder