Vulnerabilities > Wpallimport
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-15 | CVE-2024-32431 | Unspecified vulnerability in Wpallimport WP ALL Import Deserialization of Untrusted Data vulnerability in WP All Import Import Users from CSV.This issue affects Import Users from CSV: from n/a through 1.2. | 7.2 |
| 2022-07-18 | CVE-2022-1565 | Unrestricted Upload of File with Dangerous Type vulnerability in Wpallimport WP ALL Import 3.4.6 The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wp_all_import_get_gz.php file in versions up to, and including, 3.6.7. | 7.2 |