Vulnerabilities > Codection > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-30 | CVE-2024-8252 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Codection Clean Login The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.14.5 via the 'template' attribute of the clean-login-register shortcode. | 8.8 |
| 2024-01-11 | CVE-2023-6583 | Path Traversal vulnerability in Codection Import and Export Users and Customers The Import and export users and customers plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.24.2 via the Recurring Import functionality. | 7.2 |
| 2022-11-07 | CVE-2022-3558 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Codection Import and Export Users and Customers The Import and export users and customers WordPress plugin before 1.20.5 does not properly escape data when exporting it via CSV files. | 8.0 |
| 2020-11-04 | CVE-2020-22277 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Codection Import and Export Users and Customers Import and export users and customers WordPress Plugin through 1.15.5.11 allows CSV injection via a customer's profile. | 8.0 |