cleantalk
Vulnerabilities and Security Researches

Import CSV or XML Datafeed With Ease, CVE-2022-1977

CVE, Research URL

CVE-2022-1977

Home page URL

Security reports for Import CSV or XML Datafeed With Ease

Application

Import CSV or XML Datafeed With Ease

Published on
Jun 27, 2022
Research Description
The Import Export All WordPress Images, Users & Post Types WordPress plugin before 6.5.3 does not fully validate the file to be imported via an URL before making an HTTP request to it, which could allow high privilege users such as admin to perform Blind SSRF attacks
Affected versions
max 3.7.1.
Status
vulnerable
Previous vulnerability researches
Import CSV or XML Datafeed With Ease (CVE-2018-20967) , Jun 07, 2024
Import CSV or XML Datafeed With Ease (CVE-2015-9306) , Jun 07, 2024
Import CSV or XML Datafeed With Ease (CVE-2022-3243) , Jun 07, 2024
Import CSV or XML Datafeed With Ease (CVE-2022-3244) , Jun 07, 2024
Import CSV or XML Datafeed With Ease (CVE-2022-1977) , Jun 07, 2024
New vulnerability
Pure WC Variation Swatches (CVE-2025-12820) , Jan 11, 2026
WP Scraper (CVE-2025-62088) , Jan 11, 2026
Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger Live Chat Support Chat Button – Bit As (CVE-2025-68596) , Jan 11, 2026
Free Follow-Up Emails & Marketing Automation for WooCommerce – ShopMagic (CVE-2025-69093) , Jan 11, 2026
SALESmanago (CVE-2025-68571) , Jan 11, 2026