Import and export users and customers
import-users-from-csv-with-meta
Vulnerabilities:
18
Last Updated:
December 3, 2025
Active Installs:
80000
Published
Title
Fixed in
CVSS
Published
2025-01-27
Title
Import and export users and customers < 1.27.13 - Unauthenticated Sensitive Information Disclosure
Fixed in
Fixed in 1.27.13
CVSS
5.3 (medium)
Published
2024-10-24
Fixed in
Fixed in 1.27.6
CVSS
4.4 (medium)
Published
2024-08-07
Fixed in
Fixed in 1.26.9
CVSS
5.3 (medium)
Published
2024-05-14
Fixed in
Fixed in 1.26.7
CVSS
4.4 (medium)
Published
2024-05-14
Fixed in
Fixed in 1.26.7
CVSS
4.4 (medium)
Published
2024-05-03
Fixed in
Fixed in 1.26.6
CVSS
4.3 (medium)
Published
2024-04-22
Fixed in
Fixed in 1.26.3
CVSS
7.2 (high)
Published
2024-01-16
Title
Import and export users and customers < 1.24.7 - Missing Authorization via fire_cron REST endpoint
Fixed in
Fixed in 1.24.7
CVSS
5.3 (medium)
Published
2023-12-11
Fixed in
Fixed in 1.24.4
CVSS
5.1 (medium)
Published
2023-12-08
Fixed in
Fixed in 1.24.3
CVSS
5.9 (medium)
Published
2022-10-17
Fixed in
Fixed in 1.20.5
CVSS
4.1 (medium)
Published
2022-04-11
Fixed in
Fixed in 1.19.2.1
CVSS
3.4 (low)
Published
2020-11-20
Fixed in
Fixed in 1.16.3.6
CVSS
6.1 (medium)
Published
2020-01-01
Fixed in
Fixed in 1.15.0.1
CVSS
3.1 (low)
Published
2019-06-22
Title
Import users from CSV with meta < 1.14.2.2 - CSRF leading to attachment deletion & Path Traversal
Fixed in
Fixed in 1.14.2.2
CVSS
7.5 (high)
Published
2019-06-20
Fixed in
Fixed in 1.14.1.3
CVSS
6.1 (medium)
Published
2019-03-14
Fixed in
Fixed in 1.14.0.3
CVSS
8.8 (high)
Published
2018-12-11
Fixed in
Fixed in 1.12.1
CVSS
6.1 (medium)
WPScan 