Vulnerabilities > Soflyy > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-12 | CVE-2018-16254 | Cross-site Scripting vulnerability in Soflyy WP ALL Import 3.4.9 There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=options. | 6.1 |
| 2018-03-09 | CVE-2018-0547 | Cross-site Scripting vulnerability in Soflyy WP ALL Import Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.7 for WordPress allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2018-03-09 | CVE-2018-0546 | Cross-site Scripting vulnerability in Soflyy WP ALL Import Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.6 for WordPress allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |