CVE-2025-47453
- EPSS 0.16%
- Veröffentlicht 23.05.2025 12:43:36
- Zuletzt bearbeitet 12.01.2026 14:48:14
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Xylus Themes WP Smart Import allows PHP Local File Inclusion. This issue affects WP Smart Import: from n/a through 1.1.3.
CVE-2024-32597
- EPSS 0.11%
- Veröffentlicht 18.04.2024 09:15:14
- Zuletzt bearbeitet 13.01.2026 02:38:44
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Stored XSS.This issue affects WordPress Importer: from n/a through 1.0.7.
CVE-2024-30201
- EPSS 0.35%
- Veröffentlicht 27.03.2024 07:15:59
- Zuletzt bearbeitet 08.01.2026 19:13:51
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Reflected XSS.This issue affects WordPress Importer: from n/a through 1.0.4.
CVE-2022-40209
- EPSS 0.29%
- Veröffentlicht 06.12.2022 15:15:15
- Zuletzt bearbeitet 21.11.2024 07:21:04
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Xylus Themes WP Smart Import plugin <= 1.0.2 on WordPress.
CVE-2020-24147
- EPSS 1.01%
- Veröffentlicht 07.07.2021 14:15:09
- Zuletzt bearbeitet 21.11.2024 05:14:26
Server-side request forgery (SSR) vulnerability in the WP Smart Import (wp-smart-import) plugin 1.0.0 for WordPress via the file field.