CVE-2024-32817
WordPress Import and export users and customers plugin <= 1.26.2 - PHP Object Injection vulnerability
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Deserialization of Untrusted Data vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta.This issue affects Import and export users and customers: from n/a through <= 1.26.2.
| CWE | CWE-502 |
| Vendor | javier carazo |
| Product | import and export users and customers |
| Published | Apr 24, 2024 |
| Last Updated | Apr 1, 2026 |
Stay Ahead of the Next One
Get instant alerts for javier carazo import and export users and customers
Be the first to know when new unknown vulnerabilities affecting javier carazo import and export users and customers are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
Javier Carazo / Import and export users and customers
0 ≤ 1.26.2
References
patchstack.com: https://patchstack.com/database/Wordpress/Plugin/import-users-from-csv-with-meta/vulnerability/wordpress-import-and-export-users-and-customers-plugin-1-26-2-php-object-injection-vulnerability?_s_id=cve patchstack.com: https://patchstack.com/database/vulnerability/import-users-from-csv-with-meta/wordpress-import-and-export-users-and-customers-plugin-1-26-2-php-object-injection-vulnerability?_s_id=cve
Credits
Trình Vũ (Sonicrrrr_ from VNPT-VCI) | Patchstack Bug Bounty Program