Wp All Import Pro Github [better]

A tracked CVE (CVE-2024-9624) in the Pro plugin allowed an attacker to make requests from your server to arbitrary locations. This vulnerability could be exploited to read sensitive data from internal services or cloud provider metadata, potentially exposing your entire hosting environment. The vulnerability was present in all Pro versions up to 4.9.3 and could be exploited by an administrator-level user.

A stored XSS vulnerability (CVE-2024-8722) allowed attackers to upload malicious SVG files, which could then be used to inject scripts into your website. This could lead to anything from site defacement to stealing admin cookies. Versions up to 4.9.7 were vulnerable. wp all import pro github

While is a premium, paid plugin, its presence on GitHub primarily serves as a resource for developers to extend its functionality through APIs, action hooks, and custom add-ons. Essential Developer Resources on GitHub A tracked CVE (CVE-2024-9624) in the Pro plugin