NotCVE - vendor:"Soflyy" product:"Wp All Import" version:"3.4.9"

Page 2 of 13 results (0.004 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2018-16256

https://notcve.org/view.php?id=CVE-2018-16256

12 Apr 2019 — There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via Add Filtering Options(Add Rule). NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator ** EN DISPUTA ** Vulnerabilidad de Cross-Site Scripting (XSS) en el plugin WP All Import versión 3.4.9 para WordPress mediante Add Filtering Options(Add Rule).NOTA: El proveedor declara que ... • https://ansawaf.blogspot.com/2019/04/xss-in-import-any-xml-or-csv-file-for.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-16255

https://notcve.org/view.php?id=CVE-2018-16255

12 Apr 2019 — There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=evaluate. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator ** EN DISPUTA ** Hay una vulnerabilidad de tipo XSS en el plugin WP All Import para WordPress, versión 3.4.9, a través de action=evaluate.NOTA: El proveedor declara que esto no es una vulnerabilidad. WP All... • https://ansawaf.blogspot.com/2019/04/xss-in-import-any-xml-or-csv-file-for.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-16254

https://notcve.org/view.php?id=CVE-2018-16254

12 Apr 2019 — There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=options. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator ** EN DISPUTA ** Hay una vulnerabilidad Cross-site scripting (XSS) en el plugin WP All Import versión 3.4.9 para WordPress a través de action=options.NOTA: El proveedor declara que esto no es una vulnerabili... • https://ansawaf.blogspot.com/2019/04/xss-in-import-any-xml-or-csv-file-for.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1 2