Vulnerability Details CVE-2019-14683
The codection "Import users from CSV with meta" plugin before 1.14.2.2 for WordPress allows wp-admin/admin-ajax.php?action=acui_delete_attachment CSRF.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.7%
CVSS Severity
CVSS v3 Score 5.7
CVSS v2 Score 4.9
References
- https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2112013
- https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers
- https://wpvulndb.com/vulnerabilities/9392
- https://www.pluginvulnerabilities.com/2019/06/21/cross-site-request-forgery-csrf-media-deletion-vulnerability-in-import-users-from-csv-with-meta/
- https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2112013
- https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers
- https://wpvulndb.com/vulnerabilities/9392
- https://www.pluginvulnerabilities.com/2019/06/21/cross-site-request-forgery-csrf-media-deletion-vulnerability-in-import-users-from-csv-with-meta/
Products affected by CVE-2019-14683
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.0.0
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.0.5
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.0.6
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.0.7
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.0.8
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.0.9
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.1.0
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.1.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.1.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.1.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.1.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.1.5
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.1.6
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.1.7
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.1.8
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.10
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.11
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.11.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.12
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.13
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.2.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.2.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.3.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.5
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.6
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.6.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.6.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.6.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.6.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.6.5
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.6.6
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.6.7
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.6.8
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.6.8.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.6.9
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.7
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.7.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.7.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.7.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.7.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.7.5
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.8
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.8.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.8.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.9
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.10.9.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.10
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.11
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.12
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.13
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.14
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.15
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.16
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.17
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.5
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.6
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.7
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.8
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.8.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.11.3.9
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.12
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.12.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.12.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.12.2.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.12.2.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.12.2.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.12.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.12.3.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.12.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.12.5
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.12.5.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.12.6
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.12.6.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.12.6.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.13
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.13.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.13.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14.0.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14.0.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14.0.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14.0.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14.0.5
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14.0.6
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14.0.7
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14.0.8
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14.0.8.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14.0.9
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14.1.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14.1.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14.1.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.14.2.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.2.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.2.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.2.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.3.11.3.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.3.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.3.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.3.5
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.3.6
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.3.7
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.3.8
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.3.9
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.3.9.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.3.9.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.3.9.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.3.9.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.4.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.4.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.5
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.5.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.5.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.6
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.6.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.6.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.6.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.6.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.7
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.7.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.7.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.7.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.7.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.7.5
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.7.6
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.7.7
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.7.8
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.7.9
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.8
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.8.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.8.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.8.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.8.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.8.5
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.8.6
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.8.7
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.8.7.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.8.7.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.8.7.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.8.7.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.8.8
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.8.9
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.4.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.4.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.4.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.4.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.4.5
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.4.6
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.5
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.6
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.7
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.8
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.8.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.9
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.9.1
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.9.2
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.9.3
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.9.4
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.9.5
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.9.6
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.9.7
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.9.8
-
cpe:2.3:a:codection:import_users_from_csv_with_meta:1.9.9.9