Description
Authenticated Arbitrary Code Execution vulnerability in Soflyy Import any XML or CSV File to WordPress plugin <= 3.6.7 at WordPress.
References
https://wordpress.org/plugins/wp-all-import/#developers
ProductRelease Notes
https://wordpress.org/plugins/wp-all-import/#developers
ProductRelease Notes
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.1 · Critical
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Modified
Published
2022-09-21T20:15:10.673
2 years agoLast modified
2025-02-20T20:15:35.463
4 months ago