← Back

Youngtechleads

youngtechleads

2 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Members Import
members_import
1 CVE
Change Table Prefix
change_table_prefix
1 CVE

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-25932
1Youngtechleads
1Change Table Prefix
Jun 17, 2026
Feb 29, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Manish Kumar Agarwal Change Table Prefix change-table-prefix allows Cross Site Request Forgery.This issue affects Change Table Prefix: from n/a through <= 2.0.
CVE-2022-4663
1Youngtechleads
1Members Import
Jun 17, 2026
Jan 3, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
The Members Import plugin for WordPress is vulnerable to Self Cross-Site Scripting via the user_login parameter in an imported CSV file in versions up to, and including, 1.4.2 due to insufficient input sanitization and o...Show more
The Members Import plugin for WordPress is vulnerable to Self Cross-Site Scripting via the user_login parameter in an imported CSV file in versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a site's administrator into uploading a CSV file with the malicious payload.Show less