Vulnerabilities > Xylusthemes

DATE CVE VULNERABILITY TITLE RISK
2022-12-06 CVE-2022-40209 Cross-site Scripting vulnerability in Xylusthemes WP Smart Import 1.0.0/1.0.1/1.0.2
Unauth.
network
low complexity
xylusthemes CWE-79
6.1
2021-07-07 CVE-2020-24147 Server-Side Request Forgery (SSRF) vulnerability in Xylusthemes WP Smart Import 1.0.0
Server-side request forgery (SSR) vulnerability in the WP Smart Import (wp-smart-import) plugin 1.0.0 for WordPress via the file field.
network
low complexity
xylusthemes CWE-918
critical
9.1