CVE-2023-4140
- EPSS 0.06%
- Veröffentlicht 04.08.2023 03:15:14
- Zuletzt bearbeitet 21.11.2024 08:34:28
The WP Ultimate CSV Importer plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 7.9.8 due to insufficient restriction on the 'get_header_values' function. This makes it possible for authenticated attackers, w...
CVE-2023-4141
- EPSS 4.6%
- Veröffentlicht 04.08.2023 03:15:14
- Zuletzt bearbeitet 21.11.2024 08:34:28
The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 7.9.8 via the '->cus2' parameter. This allows authenticated attackers with author-level permissions or above, if the administra...
CVE-2023-4142
- EPSS 4.6%
- Veröffentlicht 04.08.2023 03:15:14
- Zuletzt bearbeitet 21.11.2024 08:34:28
The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 7.9.8 via the '->cus1' parameter. This allows authenticated attackers with author-level permissions or above, if the administra...
CVE-2023-4139
- EPSS 0.44%
- Veröffentlicht 04.08.2023 03:15:13
- Zuletzt bearbeitet 21.11.2024 08:34:28
The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Sensitive Information Exposure via Directory Listing due to missing restriction in export folder indexing in versions up to, and including, 7.9.8. This makes it possible for unauthen...