Description
WordPress Plugin ImportWP-Import any XML or CSV File into WordPress is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently delete specified posts. WordPress Plugin ImportWP-Import any XML or CSV File into WordPress version 1.1.5 is vulnerable; prior versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin Login No Captcha reCAPTCHA Security Bypass (1.6.11)
WordPress Plugin GD bbPress Attachments Cross-Site Scripting (2.5)
WordPress Plugin WordPress Download Manager Unspecified Vulnerability (3.1.18)
Apache HTTP Server Other Vulnerability (CVE-2002-1658)
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4947)