| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-2830 | WP All Import <= 4.0.0 - Reflected Cross-Site Scripting via 'filepath' | wpallimport | WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets | Medium | 6.1 | 2026-03-06 07:22:51 | Deep Dive |
| CVE-2023-4142 | WP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) Remote Code Execution | smackcoders | WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPress | High | 8.0 | 2023-08-04 02:04:31 | Deep Dive |
| CVE-2023-4141 | WP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) PHP File Creation to Remote Code Execution | smackcoders | WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPress | High | 8.0 | 2023-08-04 02:04:29 | Deep Dive |
| CVE-2023-4139 | WP Ultimate CSV Importer <= 7.9.8 - Sensitive Information Exposure via Directory Listing | smackcoders | WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPress | High | 7.5 | 2023-08-04 02:04:27 | Deep Dive |
| CVE-2023-4140 | WP Ultimate CSV Importer <= 7.9.8 - Arbitrary Usermeta Update to Authenticated (Author+) Privilege Escalation | smackcoders | WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPress | Medium | 6.6 | 2023-08-04 02:04:25 | Deep Dive |
| CVE-2022-3243 | Import all XML, CSV & TXT into WordPress < 6.5.8 - Admin+ SQLi | Unknown | Import all XML, CSV & TXT into WordPress | 高危 | - | 2022-10-17 00:00:00 | Deep Dive |
| CVE-2022-3244 | Import all XML, CSV & TXT into WordPress < 6.5.8 - Missing Authorisation | Unknown | Import all XML, CSV & TXT into WordPress | 中危 | - | 2022-10-17 00:00:00 | Deep Dive |