CVE-2019-14683

CVE-2019-14683 pertains to the WordPress plugin Import users from CSV with meta, where versions prior to 1.14.2.2 are vulnerable to CSRF via wp-admin/admin-ajax.php?action=acui_delete_attachment. The issue enables unauthorized actions by crafted requests (CSRF) affecting attachment deletion. Mult...

CVE-2019-15328

The CVE-2019-15328 entry concerns the WordPress plugin import-users-from-csv-with-meta, vulnerable prior to version 1.14.0.3. The issue is a cross-site scripting (XSS) flaw in the plugin, allowing an attacker to execute client-side code. Documented impact indicates the vulnerability affects the p...

CVE-2019-15329

The CVE refers to a CSRF vulnerability in the WordPress plugin import-users-from-csv-with-meta, affecting versions before 1.14.0.3. Affected component: WordPress plugin (import-users-from-csv-with-meta). Root cause: CSRF in the plugin’s handling of CSV-based user imports. Impact: cross-site reque...

CVE-2019-15326

CVE-2019-15326 affects the WordPress plugin “import-users-from-csv-with-meta” prior to version 1.14.2.1. The vulnerability is a directory traversal flaw in the plugin’s handling of CSV imports, potentially allowing an attacker to access files outside the intended directory. The NVD entry lists CV...

CVE-2019-15327

The CVE-2019-15327 vulnerability affects the WordPress plugin import-users-from-csv-with-meta (pre-1.14.1.3). The issue is an XSS via data imported into the plugin. Public documents indicate a fix in version 1.14.1.3 (VendorFix). The vulnerability is documented across multiple sources (NVD, Red H...

CVE-2018-20101

CVE-2018-20101 affects the WordPress plugin “Import users from CSV with meta” (versions