ГлавнаяУязвимости → CVE-2025-4190
7.2высокая

CVE-2025-4190

Описание

The CSV Mass Importer WordPress plugin through 1.2 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)

Затрагиваемое ПО
Aleapp Csv mass importer
CVSS
Балл7.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Источники
https://wpscan.com/vulnerability/e525ece5-6e03-4aee-bf5b-6ae0b961f027/https://wpscan.com/vulnerability/e525ece5-6e03-4aee-bf5b-6ae0b961f027/