Soflyy WP All Import 3.4.9 for WordPress
Approved changes feed: RSS · Atom
cpe:2.3:a:soflyy:wp_all_import:3.4.9:*:*:*:*:wordpress:*:*
part: a version: 3.4.9 update: *
| Vendor | Soflyy (87a26a9e-acd4-5262-bca3-fa77ab4eb5d0) |
|---|---|
| Product | Wp All Import (d06c3f01-1907-5f44-84c6-c82fb4b6d516) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/wp-plugins/wp-all-import |
purl2cpe | 2026-06-01 10:11:18.745408 |
pkg:github/wpplugins/wp-all-import |
purl2cpe | 2026-06-01 10:11:18.745409 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2018-16259 |
vulnerable | 2026-06-03 14:38:20.225891 |
Details available
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-settings large_feed_limit. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
Published: 2019-04-12T18:05:35.000Z
Updated: 2024-08-05T10:17:38.454Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-16258 |
vulnerable | 2026-06-03 14:38:20.225500 |
Details available
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-import custom_type. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
Published: 2019-04-12T18:03:54.000Z
Updated: 2024-08-05T10:17:38.377Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-16257 |
vulnerable | 2026-06-03 14:38:20.225104 |
Details available
There are multiple XSS vulnerabilities in WP All Import plugin 3.4.9 for WordPress via action=template. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
Published: 2019-04-12T18:02:31.000Z
Updated: 2024-08-05T10:17:38.366Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-16256 |
vulnerable | 2026-06-03 14:38:20.224803 |
Details available
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via Add Filtering Options(Add Rule). NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
Published: 2019-04-12T18:00:13.000Z
Updated: 2024-08-05T10:17:38.420Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-16255 |
vulnerable | 2026-06-03 14:38:20.224480 |
Details available
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=evaluate. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
Published: 2019-04-12T17:59:02.000Z
Updated: 2024-08-05T10:17:38.352Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-16254 |
vulnerable | 2026-06-03 14:38:20.224056 |
Details available
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=options. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator
Published: 2019-04-12T17:57:02.000Z
Updated: 2024-08-05T10:17:38.303Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.