The codection "Import users from CSV with meta" plugin before 1.12.1 for WordPress allows XSS via the value of a cell.
6.1CVSS
6AI Score
0.001EPSS
The codection "Import users from CSV with meta" plugin before 1.14.2.2 for WordPress allows wp-admin/admin-ajax.php?action=acui_delete_attachment CSRF.
5.7CVSS
5.6AI Score
0.001EPSS
The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal.
7.5CVSS
7.6AI Score
0.001EPSS
The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data.
6.1CVSS
6AI Score
0.001EPSS
6.1CVSS
6.9AI Score
0.001EPSS
8.8CVSS
8.7AI Score
0.001EPSS