Csv Mass Importer
Approved changes feed: RSS · Atom
cpe:2.3:a:aleapp:csv_mass_importer:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Aleapp (a6d3148c-ba8a-5153-8f1b-63a3812ca238) |
|---|---|
| Product | Csv Mass Importer (ac1ed2de-5e38-5e33-ab38-852fcdd105b3) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-4190 |
vulnerable | 2026-06-08 07:29:15.542557 |
CSV Mass Importer <= 1.2 - Admin+ Arbitrary File Upload
The CSV Mass Importer WordPress plugin through 1.2 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)
Published: 2025-05-17T06:00:03.776Z
Updated: 2025-05-19T15:24:11.947Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.