Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2020-24147: WP Smart Import : Import any XML File to WordPress

Server-side request forgery (SSR) vulnerability in the WP Smart Import (wp-smart-import) plugin 1.0.0 for WordPress via the file field.

CVE
#vulnerability#wordpress#php#ssrf
  • Details
  • Reviews
  • Installation
  • Development

WP Smart Import : Import any XML File to WordPress

The most powerful solution for importing any CSV and XML files to WordPress. Create Posts and Pages any Custom Posttype with content from any XML or CSV file.

Features

  • Import any XML file into WordPress
  • Import any CSV file into WordPress
  • Import data into any post type
  • Import Large Files
  • Advanced Field mapping using drag and drop UI
  • Save import as a template for use it in another import
  • Save import file for reuse it later.
  • Local and Remote Image (Media) Import
  • Manage Import
  • Import Insight with data of post create and update

This plugin can be installed directly from your site.

  1. Log in and navigate to Plugins & Add New.
  2. Type “WP Smart Import” into the Search input and click the “Search” button.
  3. Locate the “WP Smart Import” in the list of search results and click “Install Now”.
  4. Click the “Activate Plugin” link at the bottom of the install screen.

It can also be installed manually.

  1. Download the “WP Smart Import” plugin from WordPress.org.
  2. Unzip the package and move to your plugins directory.
  3. Log into WordPress and navigate to the “Plugins” screen.
  4. Locate “WP Smart Import” in the list and click the “Activate” link.

Pretty unintuitive UI and didn’t work very well. Some of the fields mapped didn’t show up at all (like images from URL, or creator and short description as custom fields). I ended up with some basic (unformatted, bare text) posts that will still take significant work to clean up. If your XML has lots of good data, skip this plugin and use another solution that will be less head-scratching to figure out and more effective at duplicating the posts you’re trying to import.

I had an import issue and it was resolved within a week and a bit. very helpful support. highly recommended. plugin works great. no need for wocommerce add on plugin subscription fees. its an all in one solution for importing products. works fantastically. Big thanks to the support team . Im very very happy.

Best plugin with a lot of good premium features in the plugin. Recommendations - 1. - Please add a visual text editor toolbox for content section during import. 2. - Add find and replace feature for whole XML file during import to replace text, links, etc. Keep it up! Thank You

I tested the CSV import 5 times with multiple csv files and get "Error : file Not Valid". Despite the claim that it supports CSV, it doesn’t seem to be the case.

This plugin does everything and more than most commercial plugins will. I’m going to use it to import a series of articles for which the text and the publication dates are known upfront. I bundle texts, titles, featured image urls and publication dates in an XML and upload to Wordpress. The only thing that I’m missing is the ability to import posts with html in the content.

XML files will import just fine, but not CSV–they get a “file not supported” error. Also, this plugin can only create new items, not update existing ones.

Read all 12 reviews

“WP Smart Import : Import any XML File to WordPress” is open source software. The following people have contributed to this plugin.

Contributors

  • Xylus Themes

1.0.4

  • IMPROVEMENTS: Support for PHP 8
  • IMPROVEMENTS: Support for WP 6.2

1.0.3

  • FIXED: Security bugs

1.0.2

  • FIXED: jQuery Error

1.0.1

  • FIXED: some bugs.

1.0.0

  • Initial Version.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907