Vulnerabilities > Wpallimport

DATE CVE VULNERABILITY TITLE RISK
2022-07-18 CVE-2022-1565 Unrestricted Upload of File with Dangerous Type vulnerability in Wpallimport WP ALL Import 3.4.6
The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wp_all_import_get_gz.php file in versions up to, and including, 3.6.7.
network
low complexity
wpallimport CWE-434
7.2