The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not have authorisation in some places, which could allow any authenticated users to access some of the plugin features if they manage to get the related nonce
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/de4bc449-3dd4-4776-943f-ac59ae813132 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2022-10-17T00:00:00
Updated: 2022-10-17T00:00:00
Reserved: 2022-09-20T00:00:00
Link: CVE-2022-3244
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-10-17T12:15:10.657
Modified: 2023-06-07T02:44:22.557
Link: CVE-2022-3244
JSON object: View
Redhat Information
No data.
CWE