Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistWPScanCVELIST:CVE-2022-3393
HistoryOct 25, 2022 - 12:00 a.m.

CVE-2022-3393 Post to CSV by BestWebSoft <= 1.4.0 - Author+ CSV Injection

2022-10-2500:00:00
CWE-1236
WPScan
www.cve.org
2
cve-2022-3393
post to csv
bestwebsoft
csv injection
wordpress plugin

AI Score

9.7

Confidence

High

EPSS

0.003

Percentile

68.8%

JSON

The Post to CSV by BestWebSoft WordPress plugin through 1.4.0 does not properly escape fields when exporting data as CSV, leading to a CSV injection

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "Post to CSV by BestWebSoft",
    "versions": [
      {
        "version": "1.4.0",
        "status": "affected",
        "lessThanOrEqual": "1.4.0",
        "versionType": "custom"
      }
    ]
  }
]

Related

prion 1
wpvulndb 1
wpexploit 1
cve 1
nvd 1
patchstack 1
prion
prion
Design/Logic Flaw
2022-10-25 17:15:00
wpvulndb
wpvulndb
Post to CSV by BestWebSoft <= 1.4.0 - Author+ CSV Injection
2022-10-03 00:00:00
wpexploit
wpexploit
Post to CSV by BestWebSoft <= 1.4.0 - Author+ CSV Injection
2022-10-03 00:00:00
cve
cve
CVE-2022-3393
2022-10-25 17:15:57
nvd
nvd
CVE-2022-3393
2022-10-25 17:15:57
patchstack
patchstack
WordPress Post to CSV by BestWebSoft plugin <= 1.4.0 - Authenticated CSV Injection vulnerability
2022-10-03 00:00:00

AI Score

9.7

Confidence

High

EPSS

0.003

Percentile

68.8%

JSON
Related for CVELIST:CVE-2022-3393
prion1wpvulndb1wpexploit1cve1nvd1patchstack1