Description
Authenticated Arbitrary Code Execution vulnerability in Soflyy Import any XML or CSV File to WordPress plugin <= 3.6.7 at WordPress.
References
https://wordpress.org/plugins/wp-all-import/#developers
ProductRelease Notes
https://wordpress.org/plugins/wp-all-import/#developers
ProductRelease Notes
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.1 · Critical
Information
Source identifier
Vulnerability status
Modified
Published
2022-09-21T18:15:10.673Z
3 years agoLast modified
2025-02-20T19:15:35.463Z
1 year ago