China National Vulnerability Database (CNVD): CNVD-2022-57616
History: Jul 06, 2022 - 12:00 a.m.

WordPress Import any XML or CSV File plugin arbitrary file upload vulnerability

2022-07-06 00:00:00
China National Vulnerability Database
www.cnvd.org.cn
Tags: wordpress, import, xml/csv, plugin, vulnerability, arbitrary file upload, php, zip file, validation, exploitation

EPSS: 0.001
Percentile: 42.9%

WordPress is a blogging platform developed in PHP. Versions of the WordPress Import any XML or CSV File plugin prior to 3.6.8 are vulnerable to arbitrary file upload, which can be exploited by attackers. The vulnerability is caused by accepting all zip files and automatically extracting them without validating the types of the extracted files.
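
The missing check described above, validating every archive entry before anything is extracted, can be sketched as follows. This is an added example, not the plugin's code or its 3.6.8 fix; it assumes PHP 8 with the zip extension, and the function names, the xml/csv allowlist and the sample archives are hypothetical.

```php
<?php
// Added example (PHP 8+, ext-zip). Names and allowlist are assumptions, not the plugin's code.
const ALLOWED_IMPORT_EXTENSIONS = ['xml', 'csv'];

// Returns null when the entry name is acceptable, otherwise the reason to reject it.
function import_entry_rejection(string $name): ?string
{
    $n = str_replace('\\', '/', $name);
    if ($n === '' || str_contains($n, "\0")) return 'empty or NUL in name';
    if ($n[0] === '/' || preg_match('/^[A-Za-z]:/', $n)) return 'absolute path';
    if (in_array('..', explode('/', $n), true)) return 'path traversal';
    if (str_ends_with($n, '/')) return null; // directory entry, holds no content
    $ext = strtolower(pathinfo($n, PATHINFO_EXTENSION));
    return in_array($ext, ALLOWED_IMPORT_EXTENSIONS, true) ? null : "extension '$ext' not allowed";
}

// Checks every entry first and extracts only if the whole archive passes.
function extract_import_zip(string $zipPath, string $destDir): array
{
    $zip = new ZipArchive();
    if ($zip->open($zipPath) !== true) throw new RuntimeException('cannot open archive');
    try {
        $names = [];
        for ($i = 0; $i < $zip->numFiles; $i++) {
            $name = $zip->getNameIndex($i);
            $why = $name === false ? 'unreadable entry name' : import_entry_rejection($name);
            if ($why !== null) throw new RuntimeException("entry #$i rejected: $why");
            $names[] = $name;
        }
        if ($names === [] || !$zip->extractTo($destDir, $names)) throw new RuntimeException('nothing extracted');
        return $names;
    } finally {
        $zip->close();
    }
}

// Constructed sample archives: "ok" holds only a CSV, "bad" also carries a .php entry.
$tmp = sys_get_temp_dir() . '/import_demo_' . bin2hex(random_bytes(4));
foreach (['ok' => ['rows.csv' => "a,b\n"], 'bad' => ['rows.csv' => "a,b\n", 'x.php' => 'placeholder']] as $k => $files) {
    mkdir("$tmp/$k", 0700, true);
    $z = new ZipArchive();
    $z->open("$tmp/$k.zip", ZipArchive::CREATE);
    foreach ($files as $n => $body) $z->addFromString($n, $body);
    $z->close();
    try { echo "$k: extracted ", implode(',', extract_import_zip("$tmp/$k.zip", "$tmp/$k")), "\n"; }
    catch (RuntimeException $e) { echo "$k: ", $e->getMessage(), "\n"; }
}
```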
