Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Xylusthemes Subscribe
Filtered by product Wp Smart Import
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-32597 1 Xylusthemes 1 Wp Smart Import 2026-01-13 N/A 5.9 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Stored XSS.This issue affects WordPress Importer: from n/a through 1.0.7.
CVE-2025-47453 1 Xylusthemes 1 Wp Smart Import 2026-01-12 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Xylus Themes WP Smart Import allows PHP Local File Inclusion. This issue affects WP Smart Import: from n/a through 1.1.3.
CVE-2024-30201 1 Xylusthemes 1 Wp Smart Import 2026-01-08 N/A 7.1 HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Reflected XSS.This issue affects WordPress Importer: from n/a through 1.0.4.
CVE-2022-40209 1 Xylusthemes 1 Wp Smart Import 2024-11-21 N/A 6.1 MEDIUM
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Xylus Themes WP Smart Import plugin <= 1.0.2 on WordPress.
CVE-2020-24147 1 Xylusthemes 1 Wp Smart Import 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Server-side request forgery (SSR) vulnerability in the WP Smart Import (wp-smart-import) plugin 1.0.0 for WordPress via the file field.