Security Advisory

CVE-2022-0360

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-28 09:06:48

Last updated 2024-08-02 23:25:40

Assigner WPScan

State PUBLISHED

Description

The Easy Drag And drop All Import : WP Ultimate CSV Importer WordPress plugin before 6.4.3 does not sanitise and escaped imported comments, which could allow high privilege users to import malicious ones (either intentionnaly or not) and lead to Stored Cross-Site Scripting issues

← Browse all CVEs View on cve.org ↗