Vulnerabilities (CVE)

Filtered by vendor Codection Subscribe
Filtered by product Import Users From Csv With Meta
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-15328 1 Codection 1 Import Users From Csv With Meta 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS.
CVE-2019-15327 1 Codection 1 Import Users From Csv With Meta 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data.
CVE-2019-15329 1 Codection 1 Import Users From Csv With Meta 2024-02-28 6.8 MEDIUM 8.8 HIGH
The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF.
CVE-2019-14683 1 Codection 1 Import Users From Csv With Meta 2024-02-28 4.9 MEDIUM 5.7 MEDIUM
The codection "Import users from CSV with meta" plugin before 1.14.2.2 for WordPress allows wp-admin/admin-ajax.php?action=acui_delete_attachment CSRF.
CVE-2019-15326 1 Codection 1 Import Users From Csv With Meta 2024-02-28 5.0 MEDIUM 7.5 HIGH
The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal.
CVE-2018-20101 1 Codection 1 Import Users From Csv With Meta 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
The codection "Import users from CSV with meta" plugin before 1.12.1 for WordPress allows XSS via the value of a cell.