Known Vulnerabilities for products from Codection
Listed below are 14 of the newest known vulnerabilities associated with the vendor "Codection".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-6624 json | The Import and export users and customers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... | Not Provided | 2024-01-11 | 2026-04-08 |
| CVE-2023-6583 json | The Import and export users and customers plugin for WordPress is vulnerable to Directory Traversal in all versions up to, an... | Not Provided | 2024-01-11 | 2026-04-08 |
| CVE-2022-4838 json | The Clean Login WordPress plugin before 1.13.7 does not validate and escape some of its shortcode attributes before outputtin... | 5.4 - MEDIUM | 2023-02-06 | 2023-11-07 |
| CVE-2022-3558 json | The Import and export users and customers WordPress plugin before 1.20.5 does not properly escape data when exporting it via ... | 8 - HIGH | 2022-11-07 | 2022-11-10 |
| CVE-2022-1255 json | The Import and export users and customers WordPress plugin before 1.19.2.1 does not sanitise and escaped imported CSV data, w... | 4.8 - MEDIUM | 2022-05-02 | 2022-05-09 |
| CVE-2020-22277 json | Import and export users and customers WordPress Plugin through 1.15.5.11 allows CSV injection via a customer's profile. | 8 - HIGH | 2020-11-04 | 2023-11-07 |
| CVE-2019-15329 json | The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF. | 8.8 - HIGH | 2019-08-22 | 2019-08-23 |
| CVE-2019-15328 json | The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS. | 6.1 - MEDIUM | 2019-08-22 | 2019-08-23 |
| CVE-2019-15327 json | The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data. | 6.1 - MEDIUM | 2019-08-22 | 2019-08-23 |
| CVE-2019-15326 json | The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal. | 7.5 - HIGH | 2019-08-22 | 2019-08-23 |
| CVE-2019-14683 json | The codection "Import users from CSV with meta" plugin before 1.14.2.2 for WordPress allows wp-admin/admin-ajax.php?action=ac... | 5.7 - MEDIUM | 2019-08-08 | 2023-02-24 |
| CVE-2018-20101 json | The codection "Import users from CSV with meta" plugin before 1.12.1 for WordPress allows XSS via the value of a cell. | 6.1 - MEDIUM | 2018-12-12 | 2020-03-06 |
| CVE-2017-8875 json | CSRF in the Clean Login plugin before 1.8 for WordPress allows remote attackers to change the login redirect URL or logout re... | 6.5 - MEDIUM | 2017-05-10 | 2017-05-18 |
| CVE-2015-9336 json | The clean-login plugin before 1.5.1 for WordPress has reflected XSS. | 6.1 - MEDIUM | 2019-08-22 | 2019-08-26 |
Known software with vulnerabilities from Codection
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Codection | Clean Login | 1.0.0 |
| Application | Codection | Import And Export Users And Customers | 1.14 |
| Application | Codection | Import Users From Csv With Meta | 1.0.0 |