WordPress Plugin Vulnerabilities

WP Ultimate CSV Importer < 3.8.8 - Reflected Cross-Site Scripting (XSS)

Description

The Import and Export WordPress Data as CSV or XML WordPress plugin was affected by a Reflected Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
wp-ultimate-csv-importer
Fixed in 3.8.8

References

URL
https://seclists.org/bugtraq/2016/Jan/129

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
1d10d116-3dda-41d4-a6f4-66d300385003

Timeline

Publicly Published
2016-01-27 (about 10 years ago)
Added
2016-01-27 (about 10 years ago)
Last Updated
2019-10-31 (about 6 years ago)

Other

Published
Title
Published
2024-07-10
Title
Appmaker – Convert WooCommerce to Android & iOS Native Mobile Apps <= 1.36.12 - Reflected Cross-Site Scripting
Published
2025-05-07
Title
CookieCode <= 2.4.4 - Authenticated (Administrator+) Stored Cross-Site Scripting
Published
2025-01-29
Title
VR-Frases (collect & share quotes) < 4.0 - Reflected Cross-Site Scripting
Published
2025-02-04
Title
Pushbiz <= 1.0 - Reflected XSS
Published
2025-05-02
Title
EC Authorize.net <= 0.3.3 - Reflected Cross-Site Scripting