All 4 CVE vulnerabilities found in WP All Import Pro, with AI-generated Chinese analysis, references, and POCs.
Vendor: Soflyy
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-9664 | WP All Import Pro <= 4.9.7 - Authenticated (Administrator+) PHP Object Injection via Import File CWE-502 | 7.2 | High | 2025-02-07 |
| CVE-2024-9661 | WP All Import Pro <= 4.9.7 - Cross-Site Request Forgery to Imported Content Deletion CWE-352 | 4.3 | Medium | 2025-02-07 |
| CVE-2024-8722 | WP All Import Pro <= 4.9.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via SVG File Upload CWE-79 | 5.5 | Medium | 2025-01-19 |
| CVE-2024-9624 | WP All Import Pro <= 4.9.3 - Authenticated (Administrator+) Server-Side Request Forgery via File Import CWE-918 | 7.6 | High | 2024-12-17 |
All 4 known CVE vulnerabilities affecting WP All Import Pro with full Chinese analysis, references, and POCs where available.