Import Csv Files
Monthly
The Import CSV Files WordPress plugin through 1.0 does not sanitise and escaped imported data before outputting them back in a page, and is lacking CSRF check when performing such action as well,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The Import CSV Files WordPress plugin through 1.0 does not sanitise and escaped imported data before outputting them back in a page, and is lacking CSRF check when performing such action as well,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.