| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-7419 | WP All Export Pro <= 1.9.1 - Unauthenticated Remote Code Execution via Custom Export Fields | WP All Import | WP All Export Pro | High | 8.3 | 2025-02-07 15:21:05 | Deep Dive |
| CVE-2025-24689 | WordPress Import and export users and customers plugin 1.27.12 - Sensitive Data Exposure vulnerability | Javier Carazo | Import and export users and customers | Medium | 5.9 | 2025-01-27 14:22:18 | Deep Dive |
| CVE-2024-13562 | Import WP – Export and Import CSV and XML files to WordPress <= 2.14.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory | jcollings | Import WP – Export and Import CSV and XML files to WordPress | High | 7.5 | 2025-01-25 11:22:35 | Deep Dive |
| CVE-2025-23781 | WordPress WM Options Import Export plugin <= 1.0.1 - Sensitive Data Exposure vulnerability | Web Mumbai | WM Options Import Export | High | 7.5 | 2025-01-22 14:29:22 | Deep Dive |
| CVE-2024-10866 | Export Import Menus <= 1.9.1 - Missing Authorization to Unauthenticated Menu Export | akshay-menariya | Export Import Menus | Medium | 5.3 | 2025-01-07 07:22:32 | Deep Dive |
| CVE-2024-54262 | WordPress Import Export For WooCommerce plugin <= 1.6.2 - Arbitrary File Upload vulnerability | sidngr | Import Export For WooCommerce | Critical | 9.9 | 2024-12-13 14:24:43 | Deep Dive |
| CVE-2024-9609 | LearnPress Export Import – WordPress extension for LearnPress <= 4.0.4 - Reflected Cross-Site Scripting | thimpress | LearnPress – Backup & Migration Tool | Medium | 6.1 | 2024-11-15 04:29:06 | Deep Dive |
| CVE-2024-50413 | WordPress Import and export users and customers plugin <= 1.27.5 - Cross Site Scripting (XSS) vulnerability | Javier Carazo | Import and export users and customers | Medium | 5.9 | 2024-10-29 08:47:50 | Deep Dive |
| CVE-2024-49244 | WordPress SV Product Import Export for WooCommerce plugin <= 1.0.0 - SQL Injection vulnerability | vrinsoft | CSV Product Import Export for WooCommerce | - | - | 2024-10-17 17:33:11 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-7514 | WordPress Comments Import & Export <= 2.3.7 - Authenticated (Author+) Arbitrary File Read via Directory Traversal | webtoffee | Comments Import & Export | Medium | 6.5 | 2024-10-11 08:30:45 | Deep Dive |
| CVE-2024-7620 | Customizer Export/Import <= 0.9.7 - Authenticated (Admin+) Arbitrary File Upload via Customization Settings Import | beaverbuilder | Customizer Export/Import | Medium | 6.6 | 2024-09-07 11:17:05 | Deep Dive |
| CVE-2024-38787 | WordPress Import and export users and customers plugin <= 1.26.8 - Sensitive Information via Imported File vulnerability | Javier Carazo | Import and export users and customers | High | 7.5 | 2024-08-13 10:33:21 | Deep Dive |
| CVE-2024-34815 | WordPress Import and export users and customers plugin <= 1.26.5 - Broken Access Control vulnerability | Javier Carazo | Import and export users and customers | Medium | 5.4 | 2024-06-11 16:18:06 | Deep Dive |
| CVE-2024-22151 | WordPress Import and export users and customers plugin <= 1.24.6 - Broken Access Control vulnerability | Codection | Import and export users and customers | Medium | 5.3 | 2024-06-08 16:19:33 | Deep Dive |
| CVE-2024-34751 | WordPress Order Export & Order Import for WooCommerce plugin <= 2.4.9 - PHP Object Injection vulnerability | WebToffee | Order Export & Order Import for WooCommerce | Medium | 4.4 | 2024-05-16 15:47:13 | Deep Dive |
| CVE-2024-4656 | Import and export users and customers <= 1.26.6.1 - Authenticated (Administrator+) Stored Cross-Site Scripting | carazo | Import and export users and customers | Medium | 4.4 | 2024-05-15 01:56:55 | Deep Dive |
| CVE-2024-4734 | Import and export users and customers <= 1.26.6.1 - Authenticated (Administrator+) Stored Cross-Site Scripting | carazo | Import and export users and customers | Medium | 4.4 | 2024-05-15 01:56:53 | Deep Dive |
| CVE-2024-1050 | Import and export users and customers <= 1.26.5 - Missing Authorization | carazo | Import and export users and customers | Medium | 4.3 | 2024-05-04 07:36:22 | Deep Dive |
| CVE-2024-32817 | WordPress Import and export users and customers plugin <= 1.26.2 - PHP Object Injection vulnerability | Javier Carazo | Import and export users and customers | Medium | 4.4 | 2024-04-24 07:27:26 | Deep Dive |