Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

39 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 9:49 a.m.6 views

CVE-2020-24147

Server-side request forgery SSR vulnerability in the WP Smart Import wp-smart-import plugin 1.0.0 for WordPress via the file field...

9.1CVSS7.1AI score0.01007EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2020-16883

Malware in sbrugna...

9.1CVSS9.1AI score0.01007EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-28083

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00547EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-43508

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00303EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/25 1:19 p.m.11 views

CVE-2025-47453

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes WP Smart Import wp-smart-import allows PHP Local File Inclusion.This issue affects WP Smart Import: from n/a through = 1.1.3...

9.8CVSS5.9AI score0.00547EPSS
Exploits0References1
NVD
NVDadded 2025/05/23 1:15 p.m.8 views

CVE-2025-47453

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes WP Smart Import wp-smart-import allows PHP Local File Inclusion.This issue affects WP Smart Import: from n/a through = 1.1.3...

9.8CVSS0.00547EPSS
Exploits0References1
OSV
OSVadded 2025/05/23 1:15 p.m.0 views

CVE-2025-47453

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes WP Smart Import allows PHP Local File Inclusion. This issue affects WP Smart Import: from n/a through 1.1.3...

9.8CVSS5.8AI score0.00547EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/05/23 12:43 p.m.18 views

CVE-2025-47453 WordPress WP Smart Import plugin <= 1.1.3 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes WP Smart Import wp-smart-import allows PHP Local File Inclusion.This issue affects WP Smart Import: from n/a through = 1.1.3...

8.1CVSS0.00547EPSS
Exploits0References1
CVE
CVEadded 2025/05/23 12:43 p.m.74 views

CVE-2025-47453

CVE-2025-47453 affects the WordPress plugin WP Smart Import (Xylus Themes) up to version 1.1.3, with a local file inclusion (LFI) vulnerability caused by improper control of Include/Require filename handling. Evidence in the CVE record and multiple connected sources confirms the vulnerability is ...

9.8CVSS5.9AI score0.00547EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/05/23 12:43 p.m.7 views

CVE-2025-47453 WordPress WP Smart Import plugin <= 1.1.3 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes WP Smart Import wp-smart-import allows PHP Local File Inclusion.This issue affects WP Smart Import: from n/a through = 1.1.3...

8.1CVSS5.3AI score0.00547EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 8:7 a.m.2 views

CVE-2024-12701

The WP Smart Import : Import any XML File to WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘ page’ parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1CVSS6.3AI score0.01684EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/05/23 12:0 a.m.2 views

WordPress plugin WP Smart Import 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.1CVSS7.6AI score0.00547EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/05/23 12:0 a.m.4 views

PT-2025-22744 · Xylus Themes · Wp Smart Import

Name of the Vulnerable Software and Affected Versions: Xylus Themes WP Smart Import versions 1.1.3 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PH...

8.1CVSS7.9AI score0.00547EPSS
Exploits0References3
NVD
NVDadded 2025/01/04 8:15 a.m.6 views

CVE-2024-12701

The WP Smart Import : Import any XML File to WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘ page’ parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1CVSS0.01684EPSS
Exploits0References4
CVE
CVEadded 2025/01/04 7:24 a.m.38 views

CVE-2024-12701

CVE-2024-12701 affects the WordPress plugin WP Smart Import: Import any XML File to WordPress. The vulnerability is a Reflected Cross-Site Scripting (XSS) flaw via the page parameter caused by insufficient input sanitization and output escaping. It affects all versions up to 1.1.2. The impact is ...

6.1CVSS6.1AI score0.01684EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/01/04 7:24 a.m.4 views

CVE-2024-12701 WP Smart Import : Import any XML File to WordPress <= 1.1.2 - Reflected Cross-Site Scripting

The WP Smart Import : Import any XML File to WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘ page’ parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1CVSS6.1AI score0.01684EPSS
Exploits0References4
Cvelist
Cvelistadded 2025/01/04 7:24 a.m.17 views

CVE-2024-12701 WP Smart Import : Import any XML File to WordPress <= 1.1.2 - Reflected Cross-Site Scripting

The WP Smart Import : Import any XML File to WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘ page’ parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1CVSS0.01684EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/01/04 12:0 a.m.1 views

PT-2025-1929 · WordPress · Wp Smart Import

Name of the Vulnerable Software and Affected Versions: WP Smart Import : Import any XML File to WordPress plugin for WordPress versions up to, and including, 1.1.2 Description: The issue is related to Reflected Cross-Site Scripting via the page parameter due to insufficient input sanitization and...

6.1CVSS8.7AI score0.01684EPSS
Exploits0References9
Patchstack
Patchstackadded 2025/01/03 10:23 p.m.1 views

WordPress WP Smart Import plugin <= 1.1.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin WP Smart Import versions = 1.1.2...

6.1CVSS6.3AI score0.01684EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/04/18 8:27 a.m.12 views

CVE-2024-32597 WordPress WP Smart Import plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xylus Themes WordPress Importer allows Stored XSS.This issue affects WordPress Importer: from n/a through 1.0.7...

5.9CVSS5.2AI score0.00107EPSS
Exploits0References1
Rows per page
Query Builder