Import Wp@* Security Vulnerabilities and Issues — Import Wp@* CVE List

Lucene search

ImportwpImport Wp*

3 matches found

CVE•added 2024/04/24 5:15 a.m.•69 views

CVE-2023-7253

The Import WP WordPress plugin before 2.13.1 does not prevent users with the administrator role from pinging conducting SSRF attacks, which may be a problem in multisite configurations.

6.1CVSS9.2AI score0.00127EPSS

CVE•added 2022/05/02 4:15 p.m.•58 views

CVE-2022-1273

The Import WP WordPress plugin before 2.4.6 does not validate the imported file in some cases, allowing high privilege users such as admin to upload arbitrary files (such as PHP), leading to RCE

7.2CVSS6.9AI score0.0083EPSS

CVE•added 2025/01/25 12:15 p.m.•44 views

CVE-2024-13562

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.14.5 via the uploads directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecur...

7.5CVSS7.3AI score0.00116EPSS