ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Import CSV Plugin 1.0 - Directory Traversal

Product
Import CSV
Description
This Import CSV plugin is prone to a directory-traversal vulnerability. It fails to clean up user-supplied input. Using this plugin allows an attacker to obtain an important information which could aid in further attacks.
Solution
Upgrade the plugin.
Classification
Type Information Disclosure
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 1.0
Fixed In 1.1
Disclosure date
2016-03-21
Credits
Wadeek