EUVD-2018-3555

Malware in sbrugna...

CVE-2025-3919 WordPress Comments Import & Export <= 2.4.3 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting

The WordPress Comments Import & Export plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the savesettings function in all versions up to, and including, 2.4.3. Additionally, the plugin fails to properly sanitize and escape FTP settings...

CVE-2024-31235

Cross-Site Request Forgery CSRF vulnerability in WebToffee WordPress Comments Import & Export.This issue affects WordPress Comments Import & Export: from n/a through 2.3.5...

WordPress WordPress Comments Import & Export Plugin <= 2.3.7 is vulnerable to Directory Traversal

Software WordPress Comments Import & Export Type Plugin Vulnerable versions = 2.3.7 Fixed in 2.3.9 OWASP Top 10 A3: Injection Classification Directory Traversal CVE CVE-2024-7514 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID 06055d28d8b6 Credits scottaglia Required...

CVE-2022-45370 WordPress WordPress Comments Import & Export plugin <= 2.3.1 - CSV Injection

A vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce.This issue affects Comments Import & Export: from n/a through = 2.3.1...