Rapid7’s 2026 Global Cybersecurity Summit is now available on-demand.Watch sessions.
Rapid7

vulnerability

WordPress Plugin: import-users-from-csv-with-meta: CVE-2019-15329: Cross-Site Request Forgery (CSRF)

Try Surface Command
Back to search
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Mar 14, 2019
Added
May 15, 2025
Modified
Apr 30, 2026

Description

The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF.

Solution

import-users-from-csv-with-meta-plugin-cve-2019-15329

References

Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report