CVE-2026-2830 | WP All Import Pro Plugin up to 4.0.0 on WordPress filepath cross site scripting

Inserito da Angelo Barbosa | Mar 5, 2026 | CVE

A vulnerability, which was classified as problematic, was found in WP All Import Pro Plugin up to 4.0.0 on WordPress. Affected is an unknown function. The manipulation of the argument filepath results in cross site scripting.

This vulnerability is known as CVE-2026-2830. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-2830 | WP All Import Pro Plugin up to 4.0.0 on WordPress filepath cross site scripting

Post correlati

CVE-2024-32963 | Navidrome up to 0.51.x HTTP Traffic Privilege Escalation

CVE-2024-9164 | GitLab Enterprise Edition up to 17.2.8/17.3.4/17.4.1 Pipeline missing authentication (Issue 493946)

CVE-2023-52447 | Linux Kernel up to 5.8/6.1.74/6.6.13/6.7.1 BPF bpf_map_fd_put_ptr use after free

CVE-2025-50398 | Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44 sub_404CAEDC fac_password buffer overflow