Import Export Wordpress Users Security Vulnerabilities and Issues — Import Export Wordpress Users CVE List

Lucene search

WebtoffeeImport Export Wordpress Users

4 matches found

CVE•added 2025/03/22 12:15 p.m.•52 views

CVE-2025-1973

The Export and Import Users and Customers plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.6.2 via the download_file() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitra...

4.9CVSS6.5AI score0.0008EPSS

CVE•added 2025/03/22 12:15 p.m.•50 views

CVE-2025-1971

The Export and Import Users and Customers plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.6.2 via deserialization of untrusted input from the 'form_data' parameter. This makes it possible for authenticated attackers, with Administrator-level access...

7.2CVSS7.3AI score0.00355EPSS

CVE•added 2025/03/22 12:15 p.m.•44 views

CVE-2025-1972

The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the admin_log_page() function in all versions up to, and including, 2.6.2. This makes it possible for authenticated attackers, with Administrator-level...

6.5CVSS6.8AI score0.00071EPSS

CVE•added 2025/03/22 12:15 p.m.•41 views

CVE-2025-1970

The Export and Import Users and Customers plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.6.2 via the validate_file() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web reques...

7.6CVSS6.6AI score0.00064EPSS