cleantalk
Vulnerabilities and Security Researches

Import CSV or XML Datafeed With Ease, CVE-2022-0360

CVE, Research URL

CVE-2022-0360

Home page URL

Security reports for Import CSV or XML Datafeed With Ease

Application

Import CSV or XML Datafeed With Ease

Published on
Feb 28, 2022
Research Description
The Easy Drag And drop All Import : WP Ultimate CSV Importer WordPress plugin before 6.4.3 does not sanitise and escaped imported comments, which could allow high privilege users to import malicious ones (either intentionnaly or not) and lead to Stored Cross-Site Scripting issues
Affected versions
Min -, max 6.4.3.
Status
vulnerable
Previous vulnerability researches
Import CSV or XML Datafeed With Ease (CVE-2018-20967) , Jun 07, 2024
Import CSV or XML Datafeed With Ease (CVE-2015-9306) , Jun 07, 2024
Import CSV or XML Datafeed With Ease (CVE-2022-3243) , Jun 07, 2024
Import CSV or XML Datafeed With Ease (CVE-2022-3244) , Jun 07, 2024
Import CSV or XML Datafeed With Ease (CVE-2022-1977) , Jun 07, 2024
New vulnerability
Woo Product Feed For Marketing Channels (CVE-2025-31377) , Apr 10, 2025
Easy custom css by webriti (CVE-2025-31395) , Apr 10, 2025
Checkout Mestres WP (CVE-2025-32695) , Apr 10, 2025
Request Call Back (CVE-2025-32483) , Apr 10, 2025
QR Master (CVE-2025-32116) , Apr 10, 2025