Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 19/12/2017 Updated: 05/01/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in the esb-csv-import-export plugin up to and including 1.1 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) cie_type, (2) cie_import, (3) cie_update, or (4) cie_ignore parameter to includes/admin/views/esb-cie-import-export-page.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
csv-import-export project csv-import-export

WordPress CSV Import-Export plugin version 11 suffers from a cross site scripting vulnerability ...

CWE-79 http://seclists.org/fulldisclosure/2017/Dec/73 https://nvd.nist.gov https://packetstormsecurity.com/files/145506/WordPress-CSV-Import-Export-1.1-Cross-Site-Scripting.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-17753

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect