Smackcoders Wp_ultimate_csv_importer
4 CVEs affecting Smackcoders Wp_ultimate_csv_importer. Latest disclosed: 2023-08-04. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-4142 | High | 8.0 | 2023-08-04 | The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 7.9.8 via the '->cus1' parameter. Th… |
CVE-2023-4141 | High | 8.0 | 2023-08-04 | The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 7.9.8 via the '->cus2' parameter. Th… |
CVE-2023-4139 | High | 7.5 | 2023-08-04 | The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Sensitive Information Exposure via Directory Listing due to missing restriction in export f… |
CVE-2023-4140 | Medium | 6.6 | 2023-08-04 | The WP Ultimate CSV Importer plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 7.9.8 due to insufficient restriction… |