Shodan
Vulnerabilities
Vulnerable Software
Soflyy:  >> Wp All Import  Security Vulnerabilities
CVE-2017-18567
The wp-all-import plugin before 3.4.6 for WordPress has XSS.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-20
CVE-2018-16257
There are multiple XSS vulnerabilities in WP All Import plugin 3.4.9 for WordPress via action=template. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
CVSS Score
6.1
EPSS Score
0.002
Published
2019-04-12
CVE-2018-16258
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-import custom_type. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
CVSS Score
6.1
EPSS Score
0.002
Published
2019-04-12
CVE-2018-16259
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-settings large_feed_limit. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
CVSS Score
6.1
EPSS Score
0.002
Published
2019-04-12
CVE-2018-16254
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=options. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
CVSS Score
6.1
EPSS Score
0.003
Published
2019-04-12
CVE-2018-16255
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=evaluate. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
CVSS Score
6.1
EPSS Score
0.002
Published
2019-04-12
CVE-2018-16256
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via Add Filtering Options(Add Rule). NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
CVSS Score
6.1
EPSS Score
0.002
Published
2019-04-12
CVE-2018-0546
Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.6 for WordPress allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-03-09
CVE-2018-0547
Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.7 for WordPress allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-03-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved