One Click Demo Import
Monthly
Deserialization of Untrusted Data vulnerability in OCDI One Click Demo Import.2.0. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.
The One Click Demo Import WordPress plugin before 3.1.0 does not validate the imported file, allowing high privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Deserialization of Untrusted Data vulnerability in OCDI One Click Demo Import.2.0. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.
The One Click Demo Import WordPress plugin before 3.1.0 does not validate the imported file, allowing high privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.