Description

WordPress Plugin Import all XML, CSV & TXT into WordPress is prone to an unspecified vulnerability. No available information exists regarding this issue and it's impact on a vulnerable website. WordPress Plugin Import all XML, CSV & TXT into WordPress version 3.7.2 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 3.7.3 or latest

References

https://wordpress.org/plugins/wp-ultimate-csv-importer/changelog/

Related Vulnerabilities

PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-20001)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4942)

Ruby on Rails Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-5189)

WordPress Plugin Contact Form to DB by BestWebSoft-Messages Database For WordPress Cross-Site Scripting (1.4.0)

WordPress Plugin MPL-Publisher-Create your Ebook & Audiobook Cross-Site Scripting (1.29.1)

Severity

High

Tags

Missing Update