Vulnerabilities for Import users from csv with meta (...) - CXSECURITY.COM

Vulnerabilities for
'Import users from csv with meta'

2019-08-22

CVE-2019-15329

CWE-352

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF.

CVE-2019-15328

CWE-79

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS.

CVE-2019-15327

CWE-79

The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data.

CVE-2019-15326

CWE-22

The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal.

2019-08-08

CVE-2019-14683

CWE-352

The codection "Import users from CSV with meta" plugin before 1.14.2.2 for WordPress allows wp-admin/admin-ajax.php?action=acui_delete_attachment CSRF.

2018-12-12

CVE-2018-20101

CWE-79

The codection "Import users from CSV with meta" plugin before 1.12.1 for WordPress allows XSS via the value of a cell.

>>> Vendor: Codection 3 Products

Import users from csv with meta

Import and export users and customers

Copyright 2024, cxsecurity.com