VYPR

Import all XML, CSV & TXT

by WordPress

CVEs (2)

  • CVE-2022-3243HigOct 17, 2022
    risk 0.47cvss 7.2epss 0.01

    The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not properly sanitise and escape imported data before using them back SQL statements, leading to SQL injection exploitable by high privilege users such as admin

  • CVE-2022-3244MedOct 17, 2022
    risk 0.27cvss 4.2epss 0.00

    The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not have authorisation in some places, which could allow any authenticated users to access some of the plugin features if they manage to get the related nonce