CVE-2018-16257

** DISPUTED ** There are multiple XSS vulnerabilities in WP All Import plugin 3.4.9 for WordPress via action=template. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator.
Configurations

Configuration 1

cpe:2.3:a:soflyy:wp_all_import:3.4.9:*:*:*:*:wordpress:*:*

Information

Published : 2019-04-12 07:29

Updated : 2019-08-29 06:15


NVD link : CVE-2018-16257

Mitre link : CVE-2018-16257

Products Affected
No products.
CWE