The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the admin_log_page() function in all versions up. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.
WordPress
Information Disclosure
Import Export Wordpress Users
PHP
NVD
CVSS 3.1
2.7
EPSS
0.3%