WP All Import
WP All Import
Developer
4.0.1
Latest version
100,000
Installations
No date
Last updated
Vulnerability history
0 present
17 patched
2 Mitigation rules
- Reflected Cross-Site Scripting via 'filepath' vulnerability<= 4.0.006/03/2026
- Admin+ Arbitrary File Upload to RCE vulnerability< 3.7.305/02/2026
- Authenticated (Administrator+) Remote Code Execution via Conditional Logic vulnerability<= 3.9.612/11/2025
- Authenticated (Admin+) Limited Unsafe File Upload vulnerability<= 3.9.309/09/2025
- Authenticated (Administrator+) PHP Object Injection via Import File vulnerability<= 3.7.903/02/2025
- Cross-Site Request Forgery to Imported Content Deletion<= 3.7.903/02/2025
- Cross Site Request Forgery (CSRF) vulnerability<= 3.7.310/04/2024
- Auth. Directory traversal vulnerability<= 3.6.817/10/2022
- Auth. Arbitrary File Upload vulnerability<= 3.6.814/10/2022
- Authenticated Malicious File Upload vulnerability<= 3.6.701/07/2022
- Authenticated Arbitrary Code Execution vulnerability<= 3.6.728/06/2022
- Stored Cross-Site Scripting (XSS) vulnerability<= 3.6.202/11/2021
- Cross-Site Scripting (XSS) vulnerability<= 3.4.613/03/2018
- Cross-Site Scripting (XSS) vulnerability<= 3.4.512/03/2018
- Cross-Site Scripting (XSS) vulnerability<= 3.4.517/10/2017
- Multiple Vulnerabilities<= 3.2.417/03/2015
- Remote Code Execution<= 3.2.326/02/2015