Codection Import Users From Csv With Meta — known CVE vulnerabilities
Every CVE whose affected-product data names Codection Import Users From Csv With Meta, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2019-15326 — CVSS 7.5 (high): The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal.
CVE-2018-20101 — CVSS 6.1 (medium): The codection "Import users from CSV with meta" plugin before 1.12.1 for WordPress allows XSS via the value of a cell.
CVE-2019-14683 — CVSS 5.7 (medium): The codection "Import users from CSV with meta" plugin before 1.14.2.2 for WordPress allows wp-admin/admin-ajax.php?action=acui_delete_attac…