2 matches found
CVE-2022-1565
CVE-2022-1565 affects WP All Import for WordPress (versions up to 3.6.7). The vulnerability stems from missing file type validation in wp_all_import_get_gz.php, allowing authenticated administrators to upload arbitrary files to the server, with potential remote code execution. Public references i...
CVE-2024-32431
CVE-2024-32431 concerns WP All Import Import Users from CSV with a Deserialization of Untrusted Data flaw affecting the Import Users from CSV plugin (affected versions: n/a–1.2). The CVE entry notes a patched remediation; systems should update to a patched/secure version. The description provides...