Description

WordPress Plugin Ultimate CSV Importer is prone to an unspecified vulnerability. No available information exists regarding this issue and it's impact on a vulnerable website. WordPress Plugin Ultimate CSV Importer version 3.7.2 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 3.7.3 or latest

References

https://wordpress.org/plugins/wp-ultimate-csv-importer/changelog/

Related Vulnerabilities

WordPress Plugin Wordpress Poll SQL Injection (36)

WordPress Plugin Active Directory Integration SQL Injection (1.1.8)

WordPress Plugin Blogstand Banner Cross-Site Scripting (1.0)

WordPress Plugin Smart Layers by AddThis Unspecified Vulnerability (1.0.1)

WordPress Plugin N-Media Website Contact Form with File Upload Arbitrary File Upload (2.1)

Severity

High

Tags

Missing Update