Description

WordPress Plugin Import all XML, CSV & TXT into WordPress is prone to an unspecified vulnerability. No available information exists regarding this issue and it's impact on a vulnerable website. WordPress Plugin Import all XML, CSV & TXT into WordPress version 3.7.2 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 3.7.3 or latest

References

https://wordpress.org/plugins/wp-ultimate-csv-importer/changelog/

Related Vulnerabilities

WordPress Plugin WebP Converter for Media Cross-Site Request Forgery (1.0.2)

MediaWiki Improper Authentication Vulnerability (CVE-2018-0505)

MySQL CVE-2014-2450 Vulnerability (CVE-2014-2450)

WordPress Plugin WordPress Meta Data and Taxonomies Filter (MDTF) Cross-Site Request Forgery (1.2.7.2)

WordPress Plugin SEO Tools 'file' Parameter Directory Traversal (3.1.7)

Severity

High

Tags

Missing Update