cleantalk
Vulnerabilities and Security Researches

Import CSV or XML Datafeed With Ease, CVE-2022-1977

CVE, Research URL

CVE-2022-1977

Home page URL

Security reports for Import CSV or XML Datafeed With Ease

Application

Import CSV or XML Datafeed With Ease

Published on
Jun 27, 2022
Research Description
The Import Export All WordPress Images, Users & Post Types WordPress plugin before 6.5.3 does not fully validate the file to be imported via an URL before making an HTTP request to it, which could allow high privilege users such as admin to perform Blind SSRF attacks
Affected versions
Min -, max 3.7.1.
Status
vulnerable
Previous vulnerability researches
Import CSV or XML Datafeed With Ease (CVE-2018-20967) , Jun 07, 2024
Import CSV or XML Datafeed With Ease (CVE-2015-9306) , Jun 07, 2024
Import CSV or XML Datafeed With Ease (CVE-2022-3243) , Jun 07, 2024
Import CSV or XML Datafeed With Ease (CVE-2022-3244) , Jun 07, 2024
Import CSV or XML Datafeed With Ease (CVE-2022-1977) , Jun 07, 2024
New vulnerability
Woo Product Feed For Marketing Channels (CVE-2025-31377) , Apr 10, 2025
Easy custom css by webriti (CVE-2025-31395) , Apr 10, 2025
Checkout Mestres WP (CVE-2025-32695) , Apr 10, 2025
Request Call Back (CVE-2025-32483) , Apr 10, 2025
QR Master (CVE-2025-32116) , Apr 10, 2025