VYPR

Simple User Import Export

by WordPress

CVEs (1)

  • CVE-2025-13133MedNov 18, 2025
    risk 0.43cvss 6.6epss 0.00

    The Simple User Import Export plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.1.7 via the 'Import/export users' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to embed untrusted…