CVE-2026-13353 - WP Ultimate CSV Importer <= 8.0.1 - Missing Authorization to Authenticated (Subscriber+) Remote Code Execution via 'MappedFields' Parameter
CVE ID :CVE-2026-13353 Published : July 11, 2026, 4:17 a.m. | 15 minutes ago Description :The WP Ultimate CSV Importer – WordPress Import & Export for CSV, XML & Excel plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 8.0.1 via the...