Description

WordPress Plugin CSV Importer is prone to multiple unspecified vulnerabilities. No available information exists regarding these issues and their impact on a vulnerable website. WordPress Plugin CSV Importer version 0.3.7 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 0.3.8 or latest

References

https://wordpress.org/plugins/csv-importer/changelog/

Related Vulnerabilities

Ruby Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-5247)

Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26271)

WordPress Plugin Smart Forms-when you need more than just a contact form Cross-Site Scripting (2.6.15)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1161)

ATutor Improper Authentication Vulnerability (CVE-2014-9753)

Severity

High

Tags

Missing Update