WordPress Ultimate SMS Notifications for WooCommerce plugin <= 1.4.1 - CSV Injection vulnerability

2022-08-2900:00:00

Zhouyuan Yang

patchstack.com

0.001 Low

EPSS

Percentile

45.2%

CSV Injection vulnerability discovered by Zhouyuan Yang in WordPress Ultimate SMS Notifications for WooCommerce plugin (versions <= 1.4.1).

Solution

           Update the WordPress Ultimate SMS Notifications for WooCommerce plugin to the latest available version (at least 1.4.2).

CPENameOperatorVersion
ultimate sms notifications for woocommercele1.4.1

CPE	Name	Operator	Version
	ultimate sms notifications for woocommerce	le	1.4.1

www.wordfence.com/vulnerability-advisories/#CVE-2022-2429

0.001 Low

EPSS

Percentile

45.2%

Related for PATCHSTACK:073FCCDB7AED5BE1B4E291E69D247084