Xylusthemes Wp Smart Import — known CVE vulnerabilities
Every CVE whose affected-product data names Xylusthemes Wp Smart Import, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2020-24147 — CVSS 9.1 (critical): Server-side request forgery (SSR) vulnerability in the WP Smart Import (wp-smart-import) plugin 1.0.0 for WordPress via the file field.
CVE-2025-47453 — CVSS 8.1 (high): Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Xylus Themes WP…
CVE-2024-30201 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer…