Soflyy

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-18567 1Soflyy 1Wp All Import Nov 21, 2024 Aug 20, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The wp-all-import plugin before 3.4.6 for WordPress has XSS.
CVE-2015-9331 1Soflyy 1Wp All Import Nov 21, 2024 Aug 20, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The wp-all-import plugin before 3.2.4 for WordPress has no prevention of unauthenticated requests to adminInit.
CVE-2015-9330 1Soflyy 1Wp All Import Nov 21, 2024 Aug 20, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The wp-all-import plugin before 3.2.5 for WordPress has blind SQL injection.
CVE-2015-9329 1Soflyy 1Wp All Import Nov 21, 2024 Aug 20, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The wp-all-import plugin before 3.2.5 for WordPress has reflected XSS.
CVE-2018-16259 1Soflyy 1Wp All Import Nov 21, 2024 Apr 12, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-settings large_feed_limit. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a log...Show more There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-settings large_feed_limit. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administratorShow less
CVE-2018-16258 1Soflyy 1Wp All Import Nov 21, 2024 Apr 12, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-import custom_type. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in...Show more There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-import custom_type. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administratorShow less
CVE-2018-16257 1Soflyy 1Wp All Import Nov 21, 2024 Apr 12, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 There are multiple XSS vulnerabilities in WP All Import plugin 3.4.9 for WordPress via action=template. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in admin...Show more There are multiple XSS vulnerabilities in WP All Import plugin 3.4.9 for WordPress via action=template. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administratorShow less
CVE-2018-16256 1Soflyy 1Wp All Import Nov 21, 2024 Apr 12, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via Add Filtering Options(Add Rule). NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged i...Show more There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via Add Filtering Options(Add Rule). NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administratorShow less
CVE-2018-16255 1Soflyy 1Wp All Import Nov 21, 2024 Apr 12, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=evaluate. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator,...Show more There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=evaluate. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administratorShow less
CVE-2018-16254 1Soflyy 1Wp All Import Nov 21, 2024 Apr 12, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=options. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator,...Show more There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=options. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administratorShow less
CVE-2018-0547 1Soflyy 1Wp All Import Nov 21, 2024 Mar 9, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.7 for WordPress allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-0546 1Soflyy 1Wp All Import Nov 21, 2024 Mar 9, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.6 for WordPress allows an attacker to inject arbitrary web script or HTML via unspecified vectors.

Previous 12