This version addressed an "unserialization" vulnerability in import templates reported by Patchstack and resolved an error occurring during certain JSON file exports.
The filename refers to a specific version of the "WP Import Export" plugin developed by VJinfotech , a comprehensive tool for managing data migrations and bulk updates in WordPress. Overview of Version 3.9.27
A new feature was added to limit the number of records displayed on the managed import/export page, improving dashboard performance for sites with massive data sets. Core Features of the Plugin vj-wp-import-export.3.9.27.zip
It handles diverse file types including CSV, XLS, XLSX, JSON, TXT, ODS, XML, and standard ZIP archives.
Users should note that versions of the plugin up to and including have been flagged for a Stored Cross-Site Scripting (XSS) vulnerability. While this version fixed earlier serialization issues, later security researchers discovered that authenticated attackers with "Contributor" level access could still inject malicious scripts via the wpiePreviewData function. If you are still using version 3.9.27, it is highly recommended to update to the latest available version from the official developer site or WordPress.org repository to protect your site from potential exploits. How to Install from ZIP Core Features of the Plugin It handles diverse
The plugin supports background processing, allowing users to pause, resume, or stop imports/exports as needed. Security Warning
Released on March 14, 2024, version 3.9.27 was a critical update focused on stability and security. If you are still using version 3
Users can import or export posts, pages, custom post types, taxonomies, comments, and users with a single click.
An intuitive interface allows users to map fields from their source file to WordPress fields without manual coding.
If you have downloaded vj-wp-import-export.3.9.27.zip , you can install it through the standard WordPress dashboard: Navigate to . Click Upload Plugin at the top of the page.