| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-50013 | WordPress CSV Importer Improved plugin <= 0.6.1 - Cross Site Scripting (XSS) Vulnerability | Jason Judge | CSV Importer Improved | Medium | 5.9 | 2025-06-20 15:04:02 | Deep Dive |
| CVE-2025-6086 | CSV Me <= 2.0 - Authenticated (Administrator+) Arbitrary File Upload | scottyla | CSV Me | High | 7.2 | 2025-06-18 09:21:31 | Deep Dive |
| CVE-2025-49597 | handcraftedinthealps goodby-csv Potential Gadget Chain allowing Remote Code Execution | handcraftedinthealps | goodby-csv | Low | 3.9 | 2025-06-13 19:51:19 | Deep Dive |
| CVE-2025-4190 | CSV Mass Importer <= 1.2 - Admin+ Arbitrary File Upload | Unknown | CSV Mass Importer | - | - | 2025-05-17 06:00:04 | Deep Dive |
| CVE-2025-2008 | Import Export Suite for CSV and XML Datafeed <= 7.19 - Authenticated (Subscriber+) Arbitrary File Upload | smackcoders | WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPress | High | 8.8 | 2025-04-01 04:21:21 | Deep Dive |
| CVE-2025-2007 | Import Export Suite for CSV and XML Datafeed <= 7.19 - Authenticated (Subscriber+) Arbitrary File Deletion | smackcoders | WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPress | High | 8.1 | 2025-04-01 04:21:20 | Deep Dive |
| CVE-2025-1911 | Product Import Export for WooCommerce <= 2.5.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Deletion via admin_log_page Function | webtoffee | Product Import Export for WooCommerce – Import Export Product CSV Suite | Low | 2.7 | 2025-03-26 11:55:53 | Deep Dive |
| CVE-2025-1913 | Product Import Export for WooCommerce <= 2.5.0 - Authenticated (Admin+) PHP Object Injection via form_data Parameter | webtoffee | Product Import Export for WooCommerce – Import Export Product CSV Suite | High | 7.2 | 2025-03-26 11:55:53 | Deep Dive |
| CVE-2025-1912 | Product Import Export for WooCommerce <= 2.5.0 - Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function | webtoffee | Product Import Export for WooCommerce – Import Export Product CSV Suite | High | 7.6 | 2025-03-26 11:55:52 | Deep Dive |
| CVE-2025-1769 | Product Import Export for WooCommerce <= 2.5.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function | webtoffee | Product Import Export for WooCommerce – Import Export Product CSV Suite | Medium | 4.9 | 2025-03-26 11:22:09 | Deep Dive |
| CVE-2024-13562 | Import WP – Export and Import CSV and XML files to WordPress <= 2.14.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory | jcollings | Import WP – Export and Import CSV and XML files to WordPress | High | 7.5 | 2025-01-25 11:22:35 | Deep Dive |
| CVE-2024-55988 | WordPress Navayan CSV Export Plugin <= 1.0.9 - SQL Injection vulnerability | Amol Nirmala Waman | Navayan CSV Export | Critical | 9.3 | 2024-12-16 14:31:16 | Deep Dive |
| CVE-2024-54275 | WordPress CSV to html plugin <= 3.08 - Reflected Cross Site Scripting (XSS) vulnerability | wibergsweb | CSV to html | High | 7.1 | 2024-12-13 14:24:51 | Deep Dive |
| CVE-2024-52406 | WordPress CSV to html plugin <= 3.26 - Arbitrary File Upload vulnerability | wibergsweb | CSV to html | Critical | 9.9 | 2024-11-16 21:47:55 | Deep Dive |
| CVE-2024-52372 | WordPress Easy CSV Importer plugin <= 7.0.0 - Arbitrary File Upload vulnerability | WebTechGlobal | Easy CSV Importer BETA | Critical | 10.0 | 2024-11-14 18:12:24 | Deep Dive |
| CVE-2024-49244 | WordPress SV Product Import Export for WooCommerce plugin <= 1.0.0 - SQL Injection vulnerability | vrinsoft | CSV Product Import Export for WooCommerce | - | - | 2024-10-17 17:33:11 | Deep Dive |
| CVE-2024-32431 | WordPress Import Users from CSV plugin <= 1.2 - PHP Object Injection | WP All Import | Import Users from CSV | Medium | 4.4 | 2024-04-15 07:16:16 | Deep Dive |
| CVE-2024-31939 | WordPress Import any XML or CSV File to WordPress plugin <= 3.7.3 - Cross Site Request Forgery (CSRF) vulnerability | Soflyy | Import any XML or CSV File to WordPress | Medium | 4.3 | 2024-04-10 19:17:54 | Deep Dive |
| CVE-2023-5122 | SSRF in CSV Datasource Plugin | Grafana | grafana-csv-datasource | Medium | 5.0 | 2024-02-14 15:06:13 | Deep Dive |
| CVE-2023-7082 | WP All Import < 3.7.3 - Admin+ Arbitrary File Upload to RCE | Unknown | Import any XML or CSV File to WordPress | 高危 | - | 2024-01-22 19:14:29 | Deep Dive |