Description

WordPress Plugin Import all XML, CSV & TXT into WordPress is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently delete arbitrary options from the blog. WordPress Plugin Import all XML, CSV & TXT into WordPress version 6.4.1 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 6.4.2 or latest

References

Related Vulnerabilities