Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin Import all XML CSV TXT into WordPress Server-Side Request Forgery - CVE-2022-1977 - Vulnerability Database
WP Plugin Wp Ultimate Csv Importer

WordPress Plugin Import all XML CSV TXT into WordPress Server-Side Request Forgery - CVE-2022-1977

Low
Reference: CVE-2022-1977
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2022-1977
Title: WordPress Plugin Import all XML CSV TXT into WordPress Server-Side Request Forgery
Overview:

WordPress Plugin Import all XML CSV TXT into WordPress is prone to a server-side request forgery vulnerability. An attacker may leverage this issue to make the vulnerable server perform port scanning of hosts in internal or external networks other attacks are also possible. WordPress Plugin Import all XML CSV TXT into WordPress version 6.5.2 is vulnerable prior versions may also be affected.