Shodan
Vulnerabilities
Vulnerable Software
Soflyy:  Security Vulnerabilities
CVE-2015-9329
The wp-all-import plugin before 3.2.5 for WordPress has reflected XSS.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-20
CVE-2015-9330
The wp-all-import plugin before 3.2.5 for WordPress has blind SQL injection.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-08-20
CVE-2015-9331
The wp-all-import plugin before 3.2.4 for WordPress has no prevention of unauthenticated requests to adminInit.
CVSS Score
7.5
EPSS Score
0.005
Published
2019-08-20
CVE-2017-18567
The wp-all-import plugin before 3.4.6 for WordPress has XSS.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-20
CVE-2018-16257
There are multiple XSS vulnerabilities in WP All Import plugin 3.4.9 for WordPress via action=template. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
CVSS Score
6.1
EPSS Score
0.002
Published
2019-04-12
CVE-2018-16258
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-import custom_type. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
CVSS Score
6.1
EPSS Score
0.002
Published
2019-04-12
CVE-2018-16259
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-settings large_feed_limit. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
CVSS Score
6.1
EPSS Score
0.002
Published
2019-04-12
CVE-2018-16254
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=options. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
CVSS Score
6.1
EPSS Score
0.003
Published
2019-04-12
CVE-2018-16255
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=evaluate. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
CVSS Score
6.1
EPSS Score
0.003
Published
2019-04-12
CVE-2018-16256
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via Add Filtering Options(Add Rule). NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
CVSS Score
6.1
EPSS Score
0.002
Published
2019-04-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved