WordPress WP All Import Plugin <= 3.2.4 - Multiple Vulnerabilities

Back

Product: Import any XML or CSV File to WordPress
Description: This plugin is prone to an SQL injection and cross site scripting vulnerabilities. Because of them, attackers can gain admin access to your website or trick you into visiting the malicious URL.
Solution: Update the plugin.
Classification: Type Multi
References: WP All Import
CVE: Name CVE-N/A
Versions: Affected In <= 3.2.4
Fixed In 3.2.5
Disclosure date: 2015-03-17
Submitter: ThreatPress