Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

import export wordpress users vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2024-32835
Deserialization of Untrusted Data vulnerability in WebToffee Import Export WordPress Users.This issue affects Import Export WordPress Users: from n/a up to and including 2.5.3.
NA
CVE-2024-30492
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WebToffee Import Export WordPress Users.This issue affects Import Export WordPress Users: from n/a up to and including 2.5.2.
NA
CVE-2023-7082
The Import any XML or CSV File to WordPress plugin prior to 3.7.3 accepts all zip files and automatically extracts the zip file into a publicly accessible directory without sufficiently validating the extracted file type. This may allows high privilege users such as administrator...
Soflyy Export Any Wordpress Data To Xml\\/csv
NA
CVE-2023-6558
The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'upload_import_file' function in versions up to, and including, 2.4.8. This makes it possible for authenticated attacke...
Webtoffee Import Export Wordpress Users
NA
CVE-2023-6624
The Import and export users and customers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.24.3 due to insufficient input sanitization and output escaping on user supplied attributes. This...
Codection Import And Export Users And Customers
NA
CVE-2023-6583
The Import and export users and customers plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.24.2 via the Recurring Import functionality. This makes it possible for authenticated attackers, with administrator access and above, to rea...
Codection Import And Export Users And Customers
NA
CVE-2023-3459
The Export and Import Users and Customers plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'hf_update_customer' function called via an AJAX action in versions up to, and including, 2.4.1. This makes it poss...
Webtoffee Import Export Wordpress Users
NA
CVE-2023-1347
The Customizer Export/Import WordPress plugin prior to 0.9.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present
Fastlinemedia Customizer Export\\/import
NA
CVE-2022-3558
The Import and export users and customers WordPress plugin prior to 1.20.5 does not properly escape data when exporting it via CSV files.
Codection Import And Export Users And Customers
6
CVSSv2
CVE-2022-1977
The Import Export All WordPress Images, Users & Post Types WordPress plugin prior to 6.5.3 does not fully validate the file to be imported via an URL before making an HTTP request to it, which could allow high privilege users such as admin to perform Blind SSRF attacks
Smackcoders Import All Pages\\, Post Types\\, Products\\, Orders\\, And Users As Xml \\& Csv
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298CVE-2024-20356CVE-2023-21987CVE-2024-33217bypassCVE-2024-31804CVE-2024-32660unauthorizedSSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook