Demo Importer Plus

Kraft Plugins

Developer

2.0.10

Latest version

10,000

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

4 fixed

2 Mitigation rules

Authenticated (Author+) Blind XML External Entity Injection via SVG File Upload vulnerability
<= 2.0.9
2 hours ago
Broken Access Control vulnerability
<= 2.0.8
Jan 5, 2026
Missing Authorization to Authenticated (Subscriber+) Site Reset and Privilege Escalation vulnerability
<= 2.0.8
Dec 18, 2025
Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability
<= 2.0.1
Oct 2, 2024