Vulnerabilities > CVE-2015-9331 - 7PK - Security Features vulnerability in Soflyy WP ALL Import

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
soflyy
CWE-254

Summary

The wp-all-import plugin before 3.2.4 for WordPress has no prevention of unauthenticated requests to adminInit.

Common Weakness Enumeration (CWE)