CVE-2022-2146

The Import CSV Files WordPress plugin through 1.0 does not sanitise and escaped imported data before outputting them back in a page, and is lacking CSRF check when performing such action as well, resulting in a Reflected Cross-Site Scripting...

CVE-2022-2146

The Import CSV Files WordPress plugin through 1.0 does not sanitise and escaped imported data before outputting them back in a page, and is lacking CSRF check when performing such action as well, resulting in a Reflected Cross-Site Scripting...

CVE-2022-2146 Import CSV Files <= 1.0 - Reflected Cross-Site Scripting

The Import CSV Files WordPress plugin through 1.0 does not sanitise and escaped imported data before outputting them back in a page, and is lacking CSRF check when performing such action as well, resulting in a Reflected Cross-Site Scripting...

CVE-2022-2146

Technical details about CVE-2022-2146 are not publicly available in the provided connected documents. Monitor for updates from vendors and security bulletins.

WordPress plugin Import CSV Files 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Import CSV Files plugin <= 1.0 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Benachi in WordPress Import CSV Files plugin versions = 1.0. Solution Deactivate and delete. This plugin has been closed as of June 16, 2022 and is not available for download. This closure is temporary, pending a full review...