Codection

Import And Export Users And Customers

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2025-24689

  • EPSS 0.13%
  • Veröffentlicht 27.01.2025 15:15:16
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta allows Retrieve Embedded Sensitive Data.This issue affects Import and...

5.9

CVE-2024-50413

  • EPSS 0.3%
  • Veröffentlicht 29.10.2024 09:15:08
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta allows Stored XSS.This issue affects Import and export users and...

7.5

CVE-2024-38787

  • EPSS 0.28%
  • Veröffentlicht 13.08.2024 11:15:17
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Insertion of Sensitive Information Into Sent Data vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta.This issue affects Import and export users and customers: from n/a through <= 1.26.8.

5.4

CVE-2024-34815

  • EPSS 0.28%
  • Veröffentlicht 11.06.2024 17:16:01
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Missing Authorization vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta.This issue affects Import and export users and customers: from n/a through <= 1.26.5.

5.3

CVE-2024-22151

  • EPSS 0.24%
  • Veröffentlicht 08.06.2024 17:15:42
  • Zuletzt bearbeitet 12.07.2025 00:56:53

Missing Authorization vulnerability in Codection Import and export users and customers.This issue affects Import and export users and customers: from n/a through 1.24.6.

4.4

CVE-2024-4734

  • EPSS 0.16%
  • Veröffentlicht 15.05.2024 02:15:11
  • Zuletzt bearbeitet 15.04.2026 00:35:42

The Import and export users and customers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.26.6.1 due to insufficient input sanitization and output escaping. This makes it po...

5.4

CVE-2023-6624

  • EPSS 0.17%
  • Veröffentlicht 11.01.2024 09:15:50
  • Zuletzt bearbeitet 08.04.2026 18:18:38

The Import and export users and customers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.24.3 due to insufficient input sanitization and output escaping on user ...

7.2

CVE-2023-6583

  • EPSS 1.9%
  • Veröffentlicht 11.01.2024 09:15:49
  • Zuletzt bearbeitet 08.04.2026 19:18:57

The Import and export users and customers plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.24.2 via the Recurring Import functionality. This makes it possible for authenticated attackers, with administ...

8

CVE-2022-3558

Exploit
  • EPSS 0.8%
  • Veröffentlicht 07.11.2022 10:15:12
  • Zuletzt bearbeitet 01.05.2025 20:15:34

The Import and export users and customers WordPress plugin before 1.20.5 does not properly escape data when exporting it via CSV files.

4.8

CVE-2022-1255

Exploit
  • EPSS 0.2%
  • Veröffentlicht 02.05.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:40:21

The Import and export users and customers WordPress plugin before 1.19.2.1 does not sanitise and escaped imported CSV data, which could allow high privilege users to import malicious javascript code and lead to Stored Cross-Site Scripting issues