Vulnerabilities > Smackcoders > WP Ultimate CSV Importer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-04 | CVE-2023-4139 | Unspecified vulnerability in Smackcoders WP Ultimate CSV Importer The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Sensitive Information Exposure via Directory Listing due to missing restriction in export folder indexing in versions up to, and including, 7.9.8. | 7.5 |
| 2023-08-04 | CVE-2023-4140 | Unspecified vulnerability in Smackcoders WP Ultimate CSV Importer The WP Ultimate CSV Importer plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 7.9.8 due to insufficient restriction on the 'get_header_values' function. | 8.8 |
| 2023-08-04 | CVE-2023-4141 | Unspecified vulnerability in Smackcoders WP Ultimate CSV Importer The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 7.9.8 via the '->cus2' parameter. | 8.8 |
| 2023-08-04 | CVE-2023-4142 | Unspecified vulnerability in Smackcoders WP Ultimate CSV Importer The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 7.9.8 via the '->cus1' parameter. | 8.8 |