Vulnerabilities > Soflyy > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-04 | CVE-2022-2268 | Unspecified vulnerability in Soflyy WP ALL Import The Import any XML or CSV File to WordPress plugin before 3.6.8 accepts all zip files and automatically extracts the zip file without validating the extracted file type. | 7.2 |
| 2022-06-13 | CVE-2022-1800 | Unspecified vulnerability in Soflyy Export ANY Wordpress Data to Xml/Csv The Export any WordPress data to XML/CSV WordPress plugin before 1.3.5 does not sanitize the cpt POST parameter when exporting post data before using it in a database query, leading to an SQL injection vulnerability. | 7.2 |
| 2019-08-20 | CVE-2015-9331 | 7PK - Security Features vulnerability in Soflyy WP ALL Import The wp-all-import plugin before 3.2.4 for WordPress has no prevention of unauthenticated requests to adminInit. | 7.5 |