CVEDB API

Vulnerabilities

Vulnerable Software

Xylusthemes: >> Wp Smart Import Security Vulnerabilities

CVE-2025-47453

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Xylus Themes WP Smart Import allows PHP Local File Inclusion. This issue affects WP Smart Import: from n/a through 1.1.3.

CVSS Score

8.1

EPSS Score

0.001

Published

2025-05-23

CVE-2024-32597

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Stored XSS.This issue affects WordPress Importer: from n/a through 1.0.7.

CVSS Score

5.9

EPSS Score

0.001

Published

2024-04-18

CVE-2024-30201

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Reflected XSS.This issue affects WordPress Importer: from n/a through 1.0.4.

CVSS Score

7.1

EPSS Score

0.003

Published

2024-03-27

CVE-2022-40209

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Xylus Themes WP Smart Import plugin <= 1.0.2 on WordPress.

CVSS Score

6.1

EPSS Score

0.003

Published

2022-12-06

CVE-2020-24147

Server-side request forgery (SSR) vulnerability in the WP Smart Import (wp-smart-import) plugin 1.0.0 for WordPress via the file field.

CVSS Score

9.1

EPSS Score

0.01

Published

2021-07-07

Page 1

Vulnerabilities

Vulnerable Software

Xylusthemes: >> Wp Smart Import Security Vulnerabilities

Products

Pricing

Contact Us