Tuesday, 2 April 2019

CVE-2018-16254 to CVE-2018-16259 - XSS in Import any XML or CSV File for WordPress

Exploit Author: Mohammed Ansari S ( ansaert@gmail.com )
Date: August 21 2018
Affected Version: 3.4.9
Active installations: 100,000+
Plugin: https://wordpress.org/plugins/wp-all-import/

POC will be disclosed once it fixed. Waiting for developer approval.

No comments:

Post a Comment