CVE-2025-62079

Missing Authorization vulnerability in Damian WP Export Categories & Taxonomies wp-export-categories-taxonomies allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Export Categories & Taxonomies: from n/a through = 1.0.3...

EUVD-2025-206029

Missing Authorization vulnerability in Damian WP Export Categories & Taxonomies allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Export Categories & Taxonomies: from n/a through 1.0.3...

CVE-2025-13066 Demo Importer Plus <= 2.0.6 - Authenticated (Author+) Arbitrary File Upload via WXR Upload Bypass

The Demo Importer Plus plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 2.0.6. This is due to insufficient file type validation detecting WXR files, allowing double extension files to bypass sanitization while being accepted as a valid WXR file. Th...

WordPress Export Media URLs Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Export Media URLs Type Plugin Vulnerable versions = 1.0 Fixed in 2.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-51510 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 91519f21c877 Credits Skalucy Required...

CVE-2023-47547

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WPFactory Products, Order & Customers Export for WooCommerce plugin = 2.0.7 versions...

WordPress Export any WordPress data to XML/CSV plugin <= 1.3.4 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability discovered by Asif Nawaz Minhas in WordPress Export any WordPress data to XML/CSV plugin versions = 1.3.4. Solution Update the WordPress Export any WordPress data to XML/CSV plugin to the latest available version at least 1.3.5...