Webtoffee Export And Import Users And Customers
6 CVEs affecting Webtoffee Export And Import Users And Customers. Latest disclosed: 2025-03-22. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-1970 | High | 7.6 | 2025-03-22 | The Export and Import Users and Customers plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.6.2 via the… |
CVE-2025-1971 | High | 7.2 | 2025-03-22 | The Export and Import Users and Customers plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.6.2 via deserializ… |
CVE-2023-6558 | High | 7.2 | 2024-01-11 | The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'upload_… |
CVE-2023-3459 | High | 7.2 | 2023-07-18 | The Export and Import Users and Customers plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'hf_… |
CVE-2025-1973 | Medium | 4.9 | 2025-03-22 | The Export and Import Users and Customers plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.6.2 via the download_fil… |
CVE-2025-1972 | Low | 2.7 | 2025-03-22 | The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the admin_l… |