WordPress Plugin Vulnerabilities

WP RSS Multi Importer < 3.14 - Cross Site Request Forgery (CSRF)

Description

The wp-rss-multi-importer WordPress plugin was affected by a Cross Site Request Forgery (CSRF) security vulnerability.

Affects Plugins

Plugin icon
wp-rss-multi-importer
Fixed in 3.14

References

URL
https://vexatioustendencies.com/wordpress-plugin-vulnerability-dump-part-1/

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Submitter
admin
Verified
No
WPVDB ID
338a1219-928a-4a9c-90cd-cacb73ea154f

Timeline

Publicly Published
2014-09-17 (about 11 years ago)
Added
2014-09-17 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2024-07-05
Title
The Events Calendar < 6.5.1.5 - Cross-Site Request Forgery via action_restore_events
Published
2022-10-31
Title
Booster for WooCommerce - Checkout Files Deletion via CSRF
Published
2023-10-16
Title
Eupago Gateway For Woocommerce < 3.1.10 - CSRF
Published
2025-09-25
Title
System Dashboard < 2.8.21 - Cross-Site Request Forgery
Published
2018-06-25
Title
JS Support Ticket < 2.0.6 - CSRF