VYPR

Comments Import Export Woocommerce

by WordPress

Source repositories

CVEs (5)

  • CVE-2018-11526HigJun 19, 2018
    risk 0.54cvss 7.8epss 0.05

    The plugin "WordPress Comments Import & Export" for WordPress (v2.0.4 and before) is vulnerable to CSV Injection.

  • CVE-2025-54029HigAug 28, 2025
    risk 0.50cvss 7.7epss 0.00

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in extendons WooCommerce csv import export extendons-eo-wooimport-export allows Path Traversal.This issue affects WooCommerce csv import export: from n/a through <= 2.0.6.

  • CVE-2024-7514MedOct 11, 2024
    risk 0.46cvss 6.5epss 0.01

    The WordPress Comments Import & Export plugin for WordPress is vulnerable to to arbitrary file read due to insufficient file path validation during the comments import process, in versions up to, and including, 2.3.7. This makes it possible for authenticated attackers, with…

  • CVE-2025-3919MedJun 2, 2025
    risk 0.35cvss 6.4epss 0.00

    The WordPress Comments Import & Export plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_settings function in all versions up to, and including, 2.4.3. Additionally, the plugin fails to properly sanitize and…

  • CVE-2024-31235MedApr 12, 2024
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in WebToffee WordPress Comments Import & Export.This issue affects WordPress Comments Import & Export: from n/a through 2.3.5.