ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WP All Import Plugin <= 3.2.4 - Multiple Vulnerabilities

Product
Import any XML or CSV File to WordPress
Description
This plugin is prone to an SQL injection and cross site scripting vulnerabilities. Because of them, attackers can gain admin access to your website or trick you into visiting the malicious URL.
Solution
Update the plugin.
Classification
Type Multi
References
WP All Import
CVE
Name CVE-N/A
Versions
Affected In <= 3.2.4
Fixed In 3.2.5
Disclosure date
2015-03-17
Submitter
ThreatPress