[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1FyMzlB50jpF7BpRF-NA9riIwL9iraygk3ZIkaeeSD8":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2022-36386","wp-all-import-authenticated-administrator-arbitrary-code-execution","WP All Import \u003C= 3.6.7 - Authenticated (Administrator+) Arbitrary Code Execution","The WP All Import plugin for WordPress is vulnerable to arbitrary code execution in versions up to, and including, 3.6.7. This makes it possible for authenticated attackers, with administrator-level permissions and above, to execute arbitrary code.","wp-all-import",null,"\u003C=3.6.7","3.6.8","critical",9.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:C\u002FC:H\u002FI:H\u002FA:H","Improper Control of Generation of Code ('Code Injection')","2022-06-28 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9a5ce873-e90b-4bdc-b428-426818ff9a86?source=api-prod",574]