Import and export users and customers

Vulnerabilities 28Slug import-users-from-csv-with-metaLatest version 2.1.1WordPress.org →

Minimum safe version

2.0.9

Update to 2.0.9 or later to address 28 fixable vulnerabilities

Latest available2.1.1
N/A
2026-03-21< 2.0

Import and export users and customers <= 1.29.7 - Privilege Escalation to Administrator via save_extra_user_profile_fields

WordfenceCVE
N/A
< 1.15.0.1

Import Users From CSV with Meta 1.15 - Unauthorised Authenticated Users Export

WPScan
N/A
2020-01-01< 1.15.0.1

Import and export users and customers 1.15 - Sensitive Data Exposure

Wordfence
N/A
2016-09-02< 1.9.5

WordPress Import users from CSV with meta Plugin <= 1.9.4.6 - Cross-Site Request Forgery (CSRF)

Patchstack
N/A
2016-09-02< 1.9.5

WordPress Import users from CSV with meta plugin <= 1.9.4.6 - Authenticated Media Deletion Vulnerability

Patchstack
N/A
2019-06-26< 1.14.2.2

WordPress Import users from CSV with meta plugin <= 1.14.1.3 - Cross-Site Request Forgery (CSRF) vulnerability

Patchstack
N/A
2020-01-06< 1.15.0.1

WordPress Import Users From CSV with Meta plugin 1.15 - Unauthorised Authenticated Users Export vulnerability

Patchstack
Medium 6.1
2018-12-13< 1.12.1

WordPress Import users from CSV with meta plugin <= 1.12 - Cross-Site Scripting (XSS) vulnerability

PatchstackCVEWordfenceWPScan
Medium 5.7
2019-08-08< 1.14.2.2

CVE-2019-14683

CVEWordfence
High 8.0
2020-11-20< 1.16.3.6

WordPress Import and export users and customers plugin <= 1.16.3.5 - CSV Injection vulnerability

PatchstackWordfenceCVEWPScan