Cross-Site Request Forgery (CSRF) vulnerability in Soflyy Import any XML or CSV File to WordPress.This issue affects Import any XML or CSV File to WordPress: from n/a through 3.7.3.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Soflyy | Import any XML or CSV File to WordPress | unaffected |
|
No data.
No data.
No data.
Project Subscriptions
No data.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-29797 | Cross-Site Request Forgery (CSRF) vulnerability in Soflyy Import any XML or CSV File to WordPress.This issue affects Import any XML or CSV File to WordPress: from n/a through 3.7.3. |
Fixes
Solution
Update to 3.7.4 or a higher version.
Workaround
No workaround given by the vendor.
References
History
Tue, 28 Apr 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Cross-Site Request Forgery (CSRF) vulnerability in Soflyy Import any XML or CSV File to WordPress.This issue affects Import any XML or CSV File to WordPress: from n/a through 3.7.3. | Cross-Site Request Forgery (CSRF) vulnerability in Soflyy Import any XML or CSV File to WordPress.This issue affects Import any XML or CSV File to WordPress: from n/a through 3.7.3. |
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-04-28T16:09:33.770Z
Reserved: 2024-04-07T18:11:10.900Z
Link: CVE-2024-31939
Vulnrichment
Updated: 2024-05-23T19:01:23.358Z
NVD
Status : Deferred
Published: 2024-04-10T20:15:08.083
Modified: 2026-04-28T19:24:31.243
Link: CVE-2024-31939
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses