CVE-2022-3244

CVE-2022-3244: Import all XML, CSV & TXT into WordPress < 6.5.8 - Missing Authorisation

Vendor Unknown
Product Import all XML, CSV & TXT into WordPress
Weakness CWE-862 · Missing authorization
Published October 17, 2022
Last update May 13, 2025

CVSS base score

What the vulnerability does

01Description

The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not have authorisation in some places, which could allow any authenticated users to access some of the plugin features if they manage to get the related nonce

Key dates

02Disclosure timeline

October 17, 2022 CVE published
May 13, 2025 Record updated

Related vulnerabilities

04Related CVE