CVE-2025-1912 Product Import Export for WooCommerce <= 2.5.0 - Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function

The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.0 via the validatefile Function. This makes it possible for authenticated attackers, with Administrator-level...

WordPress Export and Import Users and Customers plugin <= 2.6.2 - Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function vulnerability

Authenticated Administrator+ Server-Side Request Forgery via validatefile Function vulnerability discovered by HayMiz in WordPress Plugin Import Export WordPress Users versions = 2.6.2...

CVE-2025-1970

CVE-2025-1970 affects the WordPress plugin Export and Import Users and Customers (versions

WordPress Order Export & Order Import for WooCommerce plugin <= 2.6.0 - Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function vulnerability

Authenticated Administrator+ Server-Side Request Forgery via validatefile Function vulnerability discovered by HayMiz in WordPress Plugin Order Export & Order Import for WooCommerce versions = 2.6.0...