High 7.2
2025-02-07< 4.9.8
WP All Import Pro <= 4.9.7 - Authenticated (Administrator+) PHP Object Injection via Import File
WP All Import Pro
Minimum safe version
4.9.8
Update to 4.9.8 or later to address 8 fixable vulnerabilities
Medium 4.3
2025-02-07< 4.9.8
WP All Import Pro <= 4.9.7 - Cross-Site Request Forgery to Imported Content Deletion
Medium 5.5
2025-01-18< 4.9.8
WP All Import Pro <= 4.9.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via SVG File Upload
High 7.6
2024-12-17< 4.9.4
CVE-2024-9624
N/A
< 4.1.1
WP All Import Pro <= 4.1.0 - RCE
N/A
< 4.1.2
WP All Import Pro <= 4.1.1 - Multiple Vulnerabilities
N/A
2020-02-19< 4.1.1
WP All Import Pro < 4.1.1 - Reflected Cross Site Scripting
N/A
2020-03-19< 4.1.2
All Import Pro Plugin < 4.1.2 - SQL injection