Description

WordPress Plugin Import all XML, CSV & TXT into WordPress is prone to an unspecified vulnerability. No available information exists regarding this issue and it's impact on a vulnerable website. WordPress Plugin Import all XML, CSV & TXT into WordPress version 3.7.2 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 3.7.3 or latest

References

https://wordpress.org/plugins/wp-ultimate-csv-importer/changelog/

Related Vulnerabilities

WordPress Plugin WooCommerce HTML Injection (6.5.1)

WordPress Plugin Border Loading Bar Cross-Site Scripting (1.0.1)

WordPress Plugin oQey Gallery 'tbpv_domain' Parameter Cross-Site Scripting (0.2)

WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.0.10)

Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43813)

Severity

High

Tags

Missing Update