Known Vulnerabilities for Wp All Import by Soflyy
Listed below are 10 of the newest known vulnerabilities associated with "Wp All Import" by "Soflyy".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59095 json | LobeChat before 2.2.10-canary.18 contains a server-side request forgery vulnerability that allows authenticated attackers to ... | Not Provided | 2026-07-02 | 2026-07-02 |
| CVE-2026-58578 json | LobeChat before version 2.2.10-canary.15 contains a regular expression denial of service (ReDoS) vulnerability that allows au... | Not Provided | 2026-07-02 | 2026-07-02 |
| CVE-2026-58174 json | Hermes WebUI before 0.51.521 validates the workspace of an imported session under the active named profile but constructs the... | Not Provided | 2026-06-30 | 2026-06-30 |
| CVE-2026-58025 json | Deserialization of untrusted data vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with pr... | Not Provided | 2026-07-01 | 2026-07-01 |
| CVE-2026-57940 json | HTMLy 3.1.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the RSS feed import functionality. The function ge... | Not Provided | 2026-06-26 | 2026-06-26 |
| CVE-2026-57628 json | Administrator SQL Injection in WP All Import <= 4.0.1 versions. | Not Provided | 2026-06-26 | 2026-06-26 |
| CVE-2026-56769 json | Huly Platform through 0.7.423, fixed in commit 68cbf8a contains an authenticated server-side request forgery vulnerability in... | Not Provided | 2026-06-25 | 2026-06-25 |
| CVE-2026-56422 json | Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys (id) an... | Not Provided | 2026-06-22 | 2026-06-22 |
| CVE-2026-55477 json | 3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the dat... | Not Provided | 2026-06-25 | 2026-06-25 |
| CVE-2026-55388 json | piscina is a node.js worker pool implementation. Prior to 6.0.0-rc.2, 5.2.0, and 4.9.3, piscina's constructor and run() paths... | Not Provided | 2026-06-22 | 2026-06-23 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Soflyy | Wp All Import | 3.5.1 | |||
| Application | Soflyy | Wp All Import | 3.5.0 | |||
| Application | Soflyy | Wp All Import | 3.4.9 | |||
| Application | Soflyy | Wp All Import | 3.4.8 | |||
| Application | Soflyy | Wp All Import | 3.4.7 | |||
| Application | Soflyy | Wp All Import | 3.4.6 | |||
| Application | Soflyy | Wp All Import | 3.4.5 | |||
| Application | Soflyy | Wp All Import | 3.4.4 | |||
| Application | Soflyy | Wp All Import | 3.4.3 | |||
| Application | Soflyy | Wp All Import | 3.4.2 | |||
| Application | Soflyy | Wp All Import | 3.4.1 | |||
| Application | Soflyy | Wp All Import | 3.4.0 | |||
| Application | Soflyy | Wp All Import | 3.3.9 | |||
| Application | Soflyy | Wp All Import | 3.3.8 | |||
| Application | Soflyy | Wp All Import | 3.3.7 | |||
| Application | Soflyy | Wp All Import | 3.3.6 | |||
| Application | Soflyy | Wp All Import | 3.3.5 | |||
| Application | Soflyy | Wp All Import | 3.3.4 | |||
| Application | Soflyy | Wp All Import | 3.3.3 | |||
| Application | Soflyy | Wp All Import | 3.3.2 |