3 matches found
CVE-2021-24441
The Sign-up Sheets WordPress plugin before 1.0.14 does not not sanitise or validate the Sheet title when generating the CSV to export, which could lead to a CSV injection issue...
CVE-2021-24441
CVE-2021-24441 affects the WordPress Sign-up Sheets plugin (versions prior to 1.0.14). The issue is CSV injection arising when exporting CSVs: the plugin does not sanitise or validate the Sheet title during CSV generation, allowing potentially unsafe input to be interpreted as a formula. Public s...
CVE-2021-24441 Sign-up Sheets < 1.0.14 - Authenticated CSV Injection
The Sign-up Sheets WordPress plugin before 1.0.14 does not not sanitise or validate the Sheet title when generating the CSV to export, which could lead to a CSV injection issue...