cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-15326,https://securityvulnerability.io/vulnerability/CVE-2019-15326,Directory Traversal Vulnerability in Import Users from CSV with Meta Plugin for WordPress,"A directory traversal vulnerability exists in the Import Users from CSV with Meta plugin for WordPress, affecting versions before 1.14.2.1. This flaw allows attackers to potentially gain unauthorized access to sensitive files on the server by manipulating file paths. Proper input validation and strict file access controls are essential to prevent exploitation of this vulnerability.",Wordpress,Import Users From Csv With Meta,7.5,HIGH,0.0009200000204145908,false,,false,false,false,,,false,false,,2019-08-22T19:10:38.000Z,0
CVE-2019-15327,https://securityvulnerability.io/vulnerability/CVE-2019-15327,XSS Vulnerability in Import Users from CSV with Meta Plugin for WordPress,"The Import Users from CSV with Meta plugin, prior to version 1.14.1.3 for WordPress, is susceptible to a Cross-Site Scripting (XSS) vulnerability that can be exploited through imported data. This flaw allows attackers to inject malicious scripts into the system, which then can be executed in the context of other users' browsers. Proper validation and sanitization of imported data are essential to mitigate the risks associated with this vulnerability, as they can lead to unauthorized access and data compromise.",Wordpress,Import Users From Csv With Meta,6.1,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2019-08-22T19:10:04.000Z,0
CVE-2019-15328,https://securityvulnerability.io/vulnerability/CVE-2019-15328,Cross-Site Scripting Vulnerability in Import Users from CSV with Meta Plugin for WordPress,"The import-users-from-csv-with-meta plugin for WordPress, prior to version 1.14.0.3, contains a Cross-Site Scripting (XSS) vulnerability. This flaw allows attackers to inject malicious scripts into the application, which can then be executed in the context of another user's session. This vulnerability poses a significant risk to the security of WordPress sites utilizing this plugin, potentially compromising sensitive user information and site integrity. Immediate updates and security assessments are recommended to mitigate the risks associated with this vulnerability.",Wordpress,Import Users From Csv With Meta,6.1,MEDIUM,0.0006200000061653554,false,,false,false,false,,,false,false,,2019-08-22T19:09:31.000Z,0
CVE-2019-15329,https://securityvulnerability.io/vulnerability/CVE-2019-15329,CSRF Vulnerability in Import Users from CSV with Meta Plugin for WordPress,"A Cross-Site Request Forgery (CSRF) vulnerability exists in the Import Users from CSV with Meta plugin for WordPress prior to version 1.14.0.3. This flaw can potentially allow an attacker to perform unauthorized actions on behalf of a user, thereby compromising the security of a WordPress site. It is crucial for site administrators using this plugin to upgrade to the latest version to mitigate the risks associated with this vulnerability.",Wordpress,Import Users From Csv With Meta,8.8,HIGH,0.001019999966956675,false,,false,false,false,,,false,false,,2019-08-22T19:08:42.000Z,0
CVE-2019-14683,https://securityvulnerability.io/vulnerability/CVE-2019-14683,Cross-Site Request Forgery Vulnerability in Import Users from CSV with Meta Plugin for WordPress,"The Import Users from CSV with Meta plugin for WordPress prior to version 1.14.2.2 is vulnerable to Cross-Site Request Forgery (CSRF), allowing an attacker to exploit wp-admin/admin-ajax.php?action=acui_delete_attachment. This exploit can enable unauthorized actions without the user's consent, potentially leading to the deletion of media attachments.",Wordpress,Import Users From Csv With Meta,5.7,MEDIUM,0.0024900001008063555,false,,false,false,false,,,false,false,,2019-08-08T19:54:52.000Z,0
CVE-2018-20101,https://securityvulnerability.io/vulnerability/CVE-2018-20101,,"The codection ""Import users from CSV with meta"" plugin before 1.12.1 for WordPress allows XSS via the value of a cell.",Wordpress,Import Users From Csv With Meta,6.1,MEDIUM,0.000750000006519258,false,,false,false,false,,,false,false,,2018-12-12T16:00:00.000Z,0