4 matches found
CVE-2018-16259
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-settings largefeedlimit. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of b...
CVE-2018-16259
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-settings largefeedlimit. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of b...
CVE-2018-16259
CVE-2018-16259 corresponds to XSS in WordPress WP All Import plugin v3.4.9 via the pmxi-admin-settings large_feed_limit. Multiple connected sources confirm this as a vulnerability affecting WP All Import 3.4.9, with exploitation requiring administrator authentication (logged-in admin). Root cause...
PT-2019-9291 · WordPress · Wp All Import
Name of the Vulnerable Software and Affected Versions: WP All Import plugin version 3.4.9 Description: There is an issue with the WP All Import plugin for WordPress, specifically via the large feed limit in pmxi-admin-settings, which may allow for an XSS attack. However, the vendor notes that thi...