First published: Tue Aug 20 2019(Updated: )
The wp-all-import plugin before 3.4.7 for WordPress has XSS.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Soflyy Wp All Import | <3.4.7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for the wp-all-import plugin before version 3.4.7 is CVE-2018-20978.
The severity of CVE-2018-20978 is medium with a CVSS score of 6.1.
The affected software is the wp-all-import plugin before version 3.4.7 for WordPress.
The Common Weakness Enumeration (CWE) ID for CVE-2018-20978 is CWE-79.
To fix the XSS vulnerability in the wp-all-import plugin, you should update to version 3.4.7 or later.