Wp Import Export Lite Security Vulnerabilities and Issues — Wp Import Export Lite CVE List

Lucene search

VjinfotechWp Import Export Lite

3 matches found

CVE•added 2025/04/22 6:15 a.m.•36 views

CVE-2025-2839

The WP Import Export Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wpiePreviewData’ function in all versions up to, and including, 3.9.27 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributo...

6.4CVSS5.7AI score0.00021EPSS

CVE•added 2025/08/05 8:15 a.m.•12 views

CVE-2025-5061

The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpie_parse_upload_data' function in all versions up to, and including, 3.9.29. This makes it possible for authenticated attackers, with Subscriber-level access and abov...

8.8CVSS7.3AI score0.00401EPSS

CVE•added 2025/08/05 8:15 a.m.•10 views

CVE-2025-6207

The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpie_tempalte_import' function in all versions up to, and including, 3.9.28. This makes it possible for authenticated attackers, with Subscriber-level access and above,...

8.8CVSS7.4AI score0.0027EPSS