Import Export WordPress Users

WebToffee

Developer

2.7.2

Latest version

60,000

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

10 patched

4 Mitigation rules

Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function vulnerability
<= 2.6.2
24/03/2025
Authenticated (Admin+) PHP Object Injection via form_data Parameter vulnerability
<= 2.6.2
24/03/2025
Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Deletion via admin_log_page Function vulnerability
<= 2.6.2
24/03/2025
Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function vulnerability
<= 2.6.2
24/03/2025
Deserialization of untrusted data vulnerability
<= 2.5.3
22/04/2024
Path Traversal vulnerability
<= 2.5.2
28/03/2024
Authenticated (Shop Manager+) Arbitrary File Upload vulnerability
<= 2.4.8
13/12/2023
Missing Authorization to Authenticated (Shop Manager) Arbitrary User Password Change vulnerability
<= 2.4.1
18/07/2023
Arbitrary User Creation vulnerability
<= 1.3.8
11/03/2020
CSV Injection vulnerability
<= 1.3.1
26/08/2019