CVE-2019-15327

The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt