30 matches found
CVE-2020-24147
Server-side request forgery SSR vulnerability in the WP Smart Import wp-smart-import plugin 1.0.0 for WordPress via the file field...
EUVD-2020-16883
Malware in sbrugna...
EUVD-2025-28083
Malicious code in bioql PyPI...
EUVD-2022-43508
Malicious code in bioql PyPI...
CVE-2025-47453
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes WP Smart Import wp-smart-import allows PHP Local File Inclusion.This issue affects WP Smart Import: from n/a through = 1.1.3...
CVE-2025-47453
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes WP Smart Import wp-smart-import allows PHP Local File Inclusion.This issue affects WP Smart Import: from n/a through = 1.1.3...
CVE-2025-47453
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes WP Smart Import allows PHP Local File Inclusion. This issue affects WP Smart Import: from n/a through 1.1.3...
CVE-2025-47453 WordPress WP Smart Import plugin <= 1.1.3 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes WP Smart Import wp-smart-import allows PHP Local File Inclusion.This issue affects WP Smart Import: from n/a through = 1.1.3...
CVE-2025-47453
CVE-2025-47453 affects the WordPress plugin WP Smart Import (Xylus Themes) up to version 1.1.3, with a local file inclusion (LFI) vulnerability caused by improper control of Include/Require filename handling. Evidence in the CVE record and multiple connected sources confirms the vulnerability is ...
CVE-2025-47453 WordPress WP Smart Import plugin <= 1.1.3 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes WP Smart Import wp-smart-import allows PHP Local File Inclusion.This issue affects WP Smart Import: from n/a through = 1.1.3...
CVE-2024-12701
The WP Smart Import : Import any XML File to WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘ page’ parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
PT-2025-22744 · Xylus Themes · Wp Smart Import
Name of the Vulnerable Software and Affected Versions: Xylus Themes WP Smart Import versions 1.1.3 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PH...
CVE-2024-12701
The WP Smart Import : Import any XML File to WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘ page’ parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2024-12701
CVE-2024-12701 affects the WordPress plugin WP Smart Import: Import any XML File to WordPress. The vulnerability is a Reflected Cross-Site Scripting (XSS) flaw via the page parameter caused by insufficient input sanitization and output escaping. It affects all versions up to 1.1.2. The impact is ...
CVE-2024-12701 WP Smart Import : Import any XML File to WordPress <= 1.1.2 - Reflected Cross-Site Scripting
The WP Smart Import : Import any XML File to WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘ page’ parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2024-12701 WP Smart Import : Import any XML File to WordPress <= 1.1.2 - Reflected Cross-Site Scripting
The WP Smart Import : Import any XML File to WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘ page’ parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
WordPress WP Smart Import plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin WP Smart Import versions = 1.0.7...
CVE-2022-40209
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Xylus Themes WP Smart Import plugin = 1.0.2 on WordPress...
CVE-2022-40209
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Xylus Themes WP Smart Import plugin = 1.0.2 on WordPress...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Xylus Themes WP Smart Import plugin = 1.0.2 on WordPress...