Vulnerability-Lookup

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

Full-Text Search

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

CVE-2019-15326 (GCVE-0-2019-15326)

Vulnerability from cvelistv5 – Published: 2019-08-22 19:10 – Updated: 2024-08-05 00:42

Summary

The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

2 references

URL	Tags
https://wordpress.org/plugins/import-users-from-c…	x_refsource_MISC
https://wpvulndb.com/vulnerabilities/9392	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:42:03.710Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wpvulndb.com/vulnerabilities/9392"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-23T13:06:14.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wpvulndb.com/vulnerabilities/9392"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-15326",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers",
              "refsource": "MISC",
              "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
            },
            {
              "name": "https://wpvulndb.com/vulnerabilities/9392",
              "refsource": "MISC",
              "url": "https://wpvulndb.com/vulnerabilities/9392"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-15326",
    "datePublished": "2019-08-22T19:10:38.000Z",
    "dateReserved": "2019-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T00:42:03.710Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-15327 (GCVE-0-2019-15327)

Vulnerability from cvelistv5 – Published: 2019-08-22 19:10 – Updated: 2024-08-05 00:42

Summary

The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://wordpress.org/plugins/import-users-from-c…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:42:03.712Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-22T19:10:04.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-15327",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers",
              "refsource": "MISC",
              "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-15327",
    "datePublished": "2019-08-22T19:10:04.000Z",
    "dateReserved": "2019-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T00:42:03.712Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-15328 (GCVE-0-2019-15328)

Vulnerability from cvelistv5 – Published: 2019-08-22 19:09 – Updated: 2024-08-05 00:42

Summary

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

2 references

URL	Tags
https://wordpress.org/plugins/import-users-from-c…	x_refsource_MISC
https://plugins.trac.wordpress.org/browser/import…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:42:03.682Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2050450"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-22T19:09:31.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2050450"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-15328",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers",
              "refsource": "MISC",
              "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
            },
            {
              "name": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2050450",
              "refsource": "MISC",
              "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2050450"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-15328",
    "datePublished": "2019-08-22T19:09:31.000Z",
    "dateReserved": "2019-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T00:42:03.682Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-15329 (GCVE-0-2019-15329)

Vulnerability from cvelistv5 – Published: 2019-08-22 19:08 – Updated: 2024-08-05 00:42

Summary

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

2 references

URL	Tags
https://wordpress.org/plugins/import-users-from-c…	x_refsource_MISC
https://plugins.trac.wordpress.org/browser/import…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:42:03.754Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2050450"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-22T19:08:42.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2050450"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-15329",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers",
              "refsource": "MISC",
              "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
            },
            {
              "name": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2050450",
              "refsource": "MISC",
              "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2050450"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-15329",
    "datePublished": "2019-08-22T19:08:42.000Z",
    "dateReserved": "2019-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T00:42:03.754Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-14683 (GCVE-0-2019-14683)

Vulnerability from cvelistv5 – Published: 2019-08-08 19:54 – Updated: 2024-08-05 00:19

Summary

The codection "Import users from CSV with meta" plugin before 1.14.2.2 for WordPress allows wp-admin/admin-ajax.php?action=acui_delete_attachment CSRF.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

4 references

URL	Tags
https://wordpress.org/plugins/import-users-from-c…	x_refsource_MISC
https://wpvulndb.com/vulnerabilities/9392	x_refsource_MISC
https://plugins.trac.wordpress.org/browser/import…	x_refsource_MISC
https://www.pluginvulnerabilities.com/2019/06/21/…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:19:41.429Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wpvulndb.com/vulnerabilities/9392"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2112013"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.pluginvulnerabilities.com/2019/06/21/cross-site-request-forgery-csrf-media-deletion-vulnerability-in-import-users-from-csv-with-meta/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The codection \"Import users from CSV with meta\" plugin before 1.14.2.2 for WordPress allows wp-admin/admin-ajax.php?action=acui_delete_attachment CSRF."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-22T12:06:07.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wpvulndb.com/vulnerabilities/9392"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2112013"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.pluginvulnerabilities.com/2019/06/21/cross-site-request-forgery-csrf-media-deletion-vulnerability-in-import-users-from-csv-with-meta/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-14683",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The codection \"Import users from CSV with meta\" plugin before 1.14.2.2 for WordPress allows wp-admin/admin-ajax.php?action=acui_delete_attachment CSRF."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers",
              "refsource": "MISC",
              "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
            },
            {
              "name": "https://wpvulndb.com/vulnerabilities/9392",
              "refsource": "MISC",
              "url": "https://wpvulndb.com/vulnerabilities/9392"
            },
            {
              "name": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2112013",
              "refsource": "MISC",
              "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2112013"
            },
            {
              "name": "https://www.pluginvulnerabilities.com/2019/06/21/cross-site-request-forgery-csrf-media-deletion-vulnerability-in-import-users-from-csv-with-meta/",
              "refsource": "MISC",
              "url": "https://www.pluginvulnerabilities.com/2019/06/21/cross-site-request-forgery-csrf-media-deletion-vulnerability-in-import-users-from-csv-with-meta/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-14683",
    "datePublished": "2019-08-08T19:54:52.000Z",
    "dateReserved": "2019-08-05T00:00:00.000Z",
    "dateUpdated": "2024-08-05T00:19:41.429Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-20101 (GCVE-0-2018-20101)

Vulnerability from cvelistv5 – Published: 2018-12-12 16:00 – Updated: 2024-08-05 11:51

Summary

The codection "Import users from CSV with meta" plugin before 1.12.1 for WordPress allows XSS via the value of a cell.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

2 references

URL	Tags
https://wordpress.org/plugins/import-users-from-c…	x_refsource_MISC
https://wpvulndb.com/vulnerabilities/9176	x_refsource_MISC

Date Public

2018-12-12 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:51:19.081Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wpvulndb.com/vulnerabilities/9176"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-12-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The codection \"Import users from CSV with meta\" plugin before 1.12.1 for WordPress allows XSS via the value of a cell."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-06T10:06:11.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wpvulndb.com/vulnerabilities/9176"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-20101",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The codection \"Import users from CSV with meta\" plugin before 1.12.1 for WordPress allows XSS via the value of a cell."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers",
              "refsource": "MISC",
              "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
            },
            {
              "name": "https://wpvulndb.com/vulnerabilities/9176",
              "refsource": "MISC",
              "url": "https://wpvulndb.com/vulnerabilities/9176"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-20101",
    "datePublished": "2018-12-12T16:00:00.000Z",
    "dateReserved": "2018-12-12T00:00:00.000Z",
    "dateUpdated": "2024-08-05T11:51:19.081Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-15326 (GCVE-0-2019-15326)

Vulnerability from nvd – Published: 2019-08-22 19:10 – Updated: 2024-08-05 00:42

Summary

The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

2 references

URL	Tags
https://wordpress.org/plugins/import-users-from-c…	x_refsource_MISC
https://wpvulndb.com/vulnerabilities/9392	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:42:03.710Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wpvulndb.com/vulnerabilities/9392"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-23T13:06:14.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wpvulndb.com/vulnerabilities/9392"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-15326",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers",
              "refsource": "MISC",
              "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
            },
            {
              "name": "https://wpvulndb.com/vulnerabilities/9392",
              "refsource": "MISC",
              "url": "https://wpvulndb.com/vulnerabilities/9392"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-15326",
    "datePublished": "2019-08-22T19:10:38.000Z",
    "dateReserved": "2019-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T00:42:03.710Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-15327 (GCVE-0-2019-15327)

Vulnerability from nvd – Published: 2019-08-22 19:10 – Updated: 2024-08-05 00:42

Summary

The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
https://wordpress.org/plugins/import-users-from-c…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:42:03.712Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-22T19:10:04.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-15327",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers",
              "refsource": "MISC",
              "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-15327",
    "datePublished": "2019-08-22T19:10:04.000Z",
    "dateReserved": "2019-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T00:42:03.712Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-15328 (GCVE-0-2019-15328)

Vulnerability from nvd – Published: 2019-08-22 19:09 – Updated: 2024-08-05 00:42

Summary

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

2 references

URL	Tags
https://wordpress.org/plugins/import-users-from-c…	x_refsource_MISC
https://plugins.trac.wordpress.org/browser/import…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:42:03.682Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2050450"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-22T19:09:31.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2050450"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-15328",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers",
              "refsource": "MISC",
              "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
            },
            {
              "name": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2050450",
              "refsource": "MISC",
              "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2050450"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-15328",
    "datePublished": "2019-08-22T19:09:31.000Z",
    "dateReserved": "2019-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T00:42:03.682Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-15329 (GCVE-0-2019-15329)

Vulnerability from nvd – Published: 2019-08-22 19:08 – Updated: 2024-08-05 00:42

Summary

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

2 references

URL	Tags
https://wordpress.org/plugins/import-users-from-c…	x_refsource_MISC
https://plugins.trac.wordpress.org/browser/import…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:42:03.754Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2050450"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-22T19:08:42.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2050450"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-15329",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers",
              "refsource": "MISC",
              "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
            },
            {
              "name": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2050450",
              "refsource": "MISC",
              "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2050450"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-15329",
    "datePublished": "2019-08-22T19:08:42.000Z",
    "dateReserved": "2019-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T00:42:03.754Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-14683 (GCVE-0-2019-14683)

Vulnerability from nvd – Published: 2019-08-08 19:54 – Updated: 2024-08-05 00:19

Summary

The codection "Import users from CSV with meta" plugin before 1.14.2.2 for WordPress allows wp-admin/admin-ajax.php?action=acui_delete_attachment CSRF.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

4 references

URL	Tags
https://wordpress.org/plugins/import-users-from-c…	x_refsource_MISC
https://wpvulndb.com/vulnerabilities/9392	x_refsource_MISC
https://plugins.trac.wordpress.org/browser/import…	x_refsource_MISC
https://www.pluginvulnerabilities.com/2019/06/21/…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:19:41.429Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wpvulndb.com/vulnerabilities/9392"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2112013"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.pluginvulnerabilities.com/2019/06/21/cross-site-request-forgery-csrf-media-deletion-vulnerability-in-import-users-from-csv-with-meta/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The codection \"Import users from CSV with meta\" plugin before 1.14.2.2 for WordPress allows wp-admin/admin-ajax.php?action=acui_delete_attachment CSRF."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-22T12:06:07.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wpvulndb.com/vulnerabilities/9392"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2112013"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.pluginvulnerabilities.com/2019/06/21/cross-site-request-forgery-csrf-media-deletion-vulnerability-in-import-users-from-csv-with-meta/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-14683",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The codection \"Import users from CSV with meta\" plugin before 1.14.2.2 for WordPress allows wp-admin/admin-ajax.php?action=acui_delete_attachment CSRF."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers",
              "refsource": "MISC",
              "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
            },
            {
              "name": "https://wpvulndb.com/vulnerabilities/9392",
              "refsource": "MISC",
              "url": "https://wpvulndb.com/vulnerabilities/9392"
            },
            {
              "name": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2112013",
              "refsource": "MISC",
              "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta?rev=2112013"
            },
            {
              "name": "https://www.pluginvulnerabilities.com/2019/06/21/cross-site-request-forgery-csrf-media-deletion-vulnerability-in-import-users-from-csv-with-meta/",
              "refsource": "MISC",
              "url": "https://www.pluginvulnerabilities.com/2019/06/21/cross-site-request-forgery-csrf-media-deletion-vulnerability-in-import-users-from-csv-with-meta/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-14683",
    "datePublished": "2019-08-08T19:54:52.000Z",
    "dateReserved": "2019-08-05T00:00:00.000Z",
    "dateUpdated": "2024-08-05T00:19:41.429Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-20101 (GCVE-0-2018-20101)

Vulnerability from nvd – Published: 2018-12-12 16:00 – Updated: 2024-08-05 11:51

Summary

The codection "Import users from CSV with meta" plugin before 1.12.1 for WordPress allows XSS via the value of a cell.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

2 references

URL	Tags
https://wordpress.org/plugins/import-users-from-c…	x_refsource_MISC
https://wpvulndb.com/vulnerabilities/9176	x_refsource_MISC

Date Public

2018-12-12 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:51:19.081Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wpvulndb.com/vulnerabilities/9176"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-12-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The codection \"Import users from CSV with meta\" plugin before 1.12.1 for WordPress allows XSS via the value of a cell."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-06T10:06:11.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wpvulndb.com/vulnerabilities/9176"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-20101",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The codection \"Import users from CSV with meta\" plugin before 1.12.1 for WordPress allows XSS via the value of a cell."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers",
              "refsource": "MISC",
              "url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#developers"
            },
            {
              "name": "https://wpvulndb.com/vulnerabilities/9176",
              "refsource": "MISC",
              "url": "https://wpvulndb.com/vulnerabilities/9176"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-20101",
    "datePublished": "2018-12-12T16:00:00.000Z",
    "dateReserved": "2018-12-12T00:00:00.000Z",
    "dateUpdated": "2024-08-05T11:51:19.081Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria ⓘ Use this form to refine search results. Full-text search supports keyword queries with ranking and filtering. You can combine vendor, product, and sources to narrow results. Enable “Apply ordering” to sort by date instead of relevance.

12 vulnerabilities found for import_users_from_csv_with_meta by codection

CVE-2019-15326 (GCVE-0-2019-15326)

CVE-2019-15327 (GCVE-0-2019-15327)

CVE-2019-15328 (GCVE-0-2019-15328)

CVE-2019-15329 (GCVE-0-2019-15329)

CVE-2019-14683 (GCVE-0-2019-14683)

CVE-2018-20101 (GCVE-0-2018-20101)

CVE-2019-15326 (GCVE-0-2019-15326)

CVE-2019-15327 (GCVE-0-2019-15327)

CVE-2019-15328 (GCVE-0-2019-15328)

CVE-2019-15329 (GCVE-0-2019-15329)

CVE-2019-14683 (GCVE-0-2019-14683)

CVE-2018-20101 (GCVE-0-2018-20101)

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.