Description

WordPress Plugin CSV Importer is prone to multiple unspecified vulnerabilities. No available information exists regarding these issues and their impact on a vulnerable website. WordPress Plugin CSV Importer version 0.3.7 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 0.3.8 or latest

References

https://wordpress.org/plugins/csv-importer/changelog/

Related Vulnerabilities

WordPress Plugin Contact Form 7-PayPal Add-on Cross-Site Request Forgery (1.3.4)

Oracle Application Server CVE-2008-2583 Vulnerability (CVE-2008-2583)

CubeCart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3724)

WordPress Plugin Calendar by WD-Responsive Event Calendar for WordPress Cross-Site Scripting (1.5.38)

Vanilla Forums Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4954)

Severity

High

Tags

Missing Update