Wp All Import Security Vulnerabilities and Issues — Wp All Import CVE List

Lucene search

SoflyyWp All Import

11 matches found

CVE•added 2019/08/20 3:15 p.m.•39 views

CVE-2017-18567

The wp-all-import plugin before 3.4.6 for WordPress has XSS.

6.1CVSS6.3AI score0.0021EPSS

CVE•added 2019/08/20 3:15 p.m.•37 views

CVE-2015-9331

The wp-all-import plugin before 3.2.4 for WordPress has no prevention of unauthenticated requests to adminInit.

7.5CVSS7.6AI score0.00548EPSS

CVE•added 2019/04/12 7:29 p.m.•37 views

CVE-2018-16259

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-settings large_feed_limit. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of b...

6.1CVSS5.9AI score0.0024EPSS

CVE•added 2019/08/20 3:15 p.m.•35 views

CVE-2015-9330

The wp-all-import plugin before 3.2.5 for WordPress has blind SQL injection.

9.8CVSS9.9AI score0.00546EPSS

CVE•added 2019/08/20 4:15 p.m.•35 views

CVE-2018-20978

The wp-all-import plugin before 3.4.7 for WordPress has XSS.

6.1CVSS6.3AI score0.0021EPSS

CVE•added 2019/04/12 6:29 p.m.•33 views

CVE-2018-16254

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=options. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administ...

6.1CVSS5.9AI score0.00328EPSS

CVE•added 2019/04/12 6:29 p.m.•32 views

CVE-2018-16255

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=evaluate. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in adminis...

6.1CVSS5.9AI score0.0024EPSS

CVE•added 2019/04/12 6:29 p.m.•32 views

CVE-2018-16256

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via Add Filtering Options(Add Rule). NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a l...

6.1CVSS5.9AI score0.0024EPSS

CVE•added 2019/08/20 3:15 p.m.•31 views

CVE-2015-9329

The wp-all-import plugin before 3.2.5 for WordPress has reflected XSS.

6.1CVSS6.4AI score0.0019EPSS

CVE•added 2019/04/12 7:29 p.m.•27 views

CVE-2018-16257

There are multiple XSS vulnerabilities in WP All Import plugin 3.4.9 for WordPress via action=template. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged i...

6.1CVSS6.1AI score0.0024EPSS

CVE•added 2019/04/12 7:29 p.m.•27 views

CVE-2018-16258

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-import custom_type. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a log...

6.1CVSS6AI score0.0024EPSS