Lucene search
China National Vulnerability DatabaseCNVD-2022-54972HistoryJun 15, 2022 - 12:00 a.m.
WordPress WP-CRM plugin CSV injection vulnerability
2022-06-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
wordpress
wp-crm plugin
csv injection
vulnerability
version 1.2.1
php
exporting
attacks
EPSS
0.001
Percentile
34.8%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WP-CRM plugin version 1.2.1 and earlier versions are vulnerable to a CSV injection vulnerability, which stems from a failure to validate and clean up fields when exporting people to CSV files. This vulnerability can be exploited to cause CSV injection attacks.
Related
nvd
nvd
CVE-2022-1202
2022-06-13 13:15:10
prion
prion
Input validation
2022-06-13 13:15:00
wpexploit
wpexploit
WP-CRM <= 1.2.1 - CSV Injection
2022-05-18 00:00:00
cve
cve
CVE-2022-1202
2022-06-13 13:15:10
wpvulndb
wpvulndb
WP-CRM <= 1.2.1 - CSV Injection
2022-05-18 00:00:00
patchstack
patchstack
WordPress WP-CRM plugin <= 1.2.1 - CSV Injection vulnerability
2022-05-18 00:00:00
cvelist
cvelist
CVE-2022-1202 WP-CRM <= 1.2.1 - CSV Injection
2022-06-13 12:41:41