CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-2711

The Import any XML or CSV File to WordPress plugin before 3.6.9 is not validating the paths of files contained in uploaded zip archives, allowing highly privileged users, such as admins, to write arbitrary files to any part of the file system accessible by the web server via a path traversal vector.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 56.9%

CVSS Severity

CVSS v3 Score 7.2

References

Products affected by CVE-2022-2711

Soflyy » Wp All Import » Version: 2.12

cpe:2.3:a:soflyy:wp_all_import:2.12
Soflyy » Wp All Import » Version: 2.13

cpe:2.3:a:soflyy:wp_all_import:2.13
Soflyy » Wp All Import » Version: 2.14

cpe:2.3:a:soflyy:wp_all_import:2.14
Soflyy » Wp All Import » Version: 3.0

cpe:2.3:a:soflyy:wp_all_import:3.0
Soflyy » Wp All Import » Version: 3.0.2

cpe:2.3:a:soflyy:wp_all_import:3.0.2
Soflyy » Wp All Import » Version: 3.0.4

cpe:2.3:a:soflyy:wp_all_import:3.0.4
Soflyy » Wp All Import » Version: 3.1.0

cpe:2.3:a:soflyy:wp_all_import:3.1.0
Soflyy » Wp All Import » Version: 3.1.1

cpe:2.3:a:soflyy:wp_all_import:3.1.1
Soflyy » Wp All Import » Version: 3.1.2

cpe:2.3:a:soflyy:wp_all_import:3.1.2
Soflyy » Wp All Import » Version: 3.1.3

cpe:2.3:a:soflyy:wp_all_import:3.1.3
Soflyy » Wp All Import » Version: 3.1.4

cpe:2.3:a:soflyy:wp_all_import:3.1.4
Soflyy » Wp All Import » Version: 3.1.5

cpe:2.3:a:soflyy:wp_all_import:3.1.5
Soflyy » Wp All Import » Version: 3.2.0

cpe:2.3:a:soflyy:wp_all_import:3.2.0
Soflyy » Wp All Import » Version: 3.2.1

cpe:2.3:a:soflyy:wp_all_import:3.2.1
Soflyy » Wp All Import » Version: 3.2.2

cpe:2.3:a:soflyy:wp_all_import:3.2.2
Soflyy » Wp All Import » Version: 3.2.3

cpe:2.3:a:soflyy:wp_all_import:3.2.3
Soflyy » Wp All Import » Version: 3.2.4

cpe:2.3:a:soflyy:wp_all_import:3.2.4
Soflyy » Wp All Import » Version: 3.2.5

cpe:2.3:a:soflyy:wp_all_import:3.2.5
Soflyy » Wp All Import » Version: 3.2.6

cpe:2.3:a:soflyy:wp_all_import:3.2.6
Soflyy » Wp All Import » Version: 3.2.7

cpe:2.3:a:soflyy:wp_all_import:3.2.7
Soflyy » Wp All Import » Version: 3.2.8

cpe:2.3:a:soflyy:wp_all_import:3.2.8
Soflyy » Wp All Import » Version: 3.2.9

cpe:2.3:a:soflyy:wp_all_import:3.2.9
Soflyy » Wp All Import » Version: 3.3.0

cpe:2.3:a:soflyy:wp_all_import:3.3.0
Soflyy » Wp All Import » Version: 3.3.1

cpe:2.3:a:soflyy:wp_all_import:3.3.1
Soflyy » Wp All Import » Version: 3.3.2

cpe:2.3:a:soflyy:wp_all_import:3.3.2
Soflyy » Wp All Import » Version: 3.3.3

cpe:2.3:a:soflyy:wp_all_import:3.3.3
Soflyy » Wp All Import » Version: 3.3.4

cpe:2.3:a:soflyy:wp_all_import:3.3.4
Soflyy » Wp All Import » Version: 3.3.5

cpe:2.3:a:soflyy:wp_all_import:3.3.5
Soflyy » Wp All Import » Version: 3.3.6

cpe:2.3:a:soflyy:wp_all_import:3.3.6
Soflyy » Wp All Import » Version: 3.3.7

cpe:2.3:a:soflyy:wp_all_import:3.3.7
Soflyy » Wp All Import » Version: 3.3.8

cpe:2.3:a:soflyy:wp_all_import:3.3.8
Soflyy » Wp All Import » Version: 3.3.9

cpe:2.3:a:soflyy:wp_all_import:3.3.9
Soflyy » Wp All Import » Version: 3.4.0

cpe:2.3:a:soflyy:wp_all_import:3.4.0
Soflyy » Wp All Import » Version: 3.4.1

cpe:2.3:a:soflyy:wp_all_import:3.4.1
Soflyy » Wp All Import » Version: 3.4.2

cpe:2.3:a:soflyy:wp_all_import:3.4.2
Soflyy » Wp All Import » Version: 3.4.3

cpe:2.3:a:soflyy:wp_all_import:3.4.3
Soflyy » Wp All Import » Version: 3.4.4

cpe:2.3:a:soflyy:wp_all_import:3.4.4
Soflyy » Wp All Import » Version: 3.4.5

cpe:2.3:a:soflyy:wp_all_import:3.4.5
Soflyy » Wp All Import » Version: 3.4.6

cpe:2.3:a:soflyy:wp_all_import:3.4.6
Soflyy » Wp All Import » Version: 3.4.7

cpe:2.3:a:soflyy:wp_all_import:3.4.7
Soflyy » Wp All Import » Version: 3.4.8

cpe:2.3:a:soflyy:wp_all_import:3.4.8
Soflyy » Wp All Import » Version: 3.4.9

cpe:2.3:a:soflyy:wp_all_import:3.4.9
Soflyy » Wp All Import » Version: 3.5.0

cpe:2.3:a:soflyy:wp_all_import:3.5.0
Soflyy » Wp All Import » Version: 3.5.1

cpe:2.3:a:soflyy:wp_all_import:3.5.1
Soflyy » Wp All Import » Version: 3.5.2

cpe:2.3:a:soflyy:wp_all_import:3.5.2
Soflyy » Wp All Import » Version: 3.5.3

cpe:2.3:a:soflyy:wp_all_import:3.5.3
Soflyy » Wp All Import » Version: 3.5.4

cpe:2.3:a:soflyy:wp_all_import:3.5.4
Soflyy » Wp All Import » Version: 3.5.5

cpe:2.3:a:soflyy:wp_all_import:3.5.5
Soflyy » Wp All Import » Version: 3.5.6

cpe:2.3:a:soflyy:wp_all_import:3.5.6
Soflyy » Wp All Import » Version: 3.5.7

cpe:2.3:a:soflyy:wp_all_import:3.5.7
Soflyy » Wp All Import » Version: 3.5.8

cpe:2.3:a:soflyy:wp_all_import:3.5.8
Soflyy » Wp All Import » Version: 3.5.9

cpe:2.3:a:soflyy:wp_all_import:3.5.9
Soflyy » Wp All Import » Version: 3.6.0

cpe:2.3:a:soflyy:wp_all_import:3.6.0
Soflyy » Wp All Import » Version: 3.6.1

cpe:2.3:a:soflyy:wp_all_import:3.6.1
Soflyy » Wp All Import » Version: 3.6.2

cpe:2.3:a:soflyy:wp_all_import:3.6.2
Soflyy » Wp All Import » Version: 3.6.3

cpe:2.3:a:soflyy:wp_all_import:3.6.3
Soflyy » Wp All Import » Version: 3.6.4

cpe:2.3:a:soflyy:wp_all_import:3.6.4
Soflyy » Wp All Import » Version: 3.6.5

cpe:2.3:a:soflyy:wp_all_import:3.6.5
Soflyy » Wp All Import » Version: 3.6.6

cpe:2.3:a:soflyy:wp_all_import:3.6.6
Soflyy » Wp All Import » Version: 3.6.7

cpe:2.3:a:soflyy:wp_all_import:3.6.7
Soflyy » Wp All Import » Version: 3.6.8

cpe:2.3:a:soflyy:wp_all_import:3.6.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-2711

Products

Pricing

Contact Us