Description

WordPress Plugin Woocommerce CSV importer is prone to an unspecified vulnerability. No available information exists regarding this issue and it's impact on a vulnerable website. WordPress Plugin Woocommerce CSV importer version 3.4.0 is vulnerable; prior versions may also be affected.

Remediation

Disable the plugin until a fix is available

References

https://wordpress.org/plugins/woocommerce-csvimport/#description

Related Vulnerabilities

WordPress Plugin MailChimp for WooCommerce Local File Inclusion (2.1.1)

WordPress Plugin Team Members Cross-Site Scripting (5.0.3)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2509)

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20327)

WordPress Plugin Theme Blvd Shortcodes Multiple Security Bypass Vulnerabilities (1.5.2)

Severity

High

Tags

Missing Update