The vulnerability in the implementation of the Export Utility function of the Ultimate SMS Notifications plugin for WooCommerce, a content management system for WordPress websites, allows a hacker to perform cross-site scripting attacks.

The vulnerability of the Export Utility function implementation in the Ultimate SMS Notifications plugin for WooCommerce, a content management system for WordPress websites, is related to the absence of a mechanism to neutralize elements in the CSV file. Exploiting this vulnerability could allow ...

Input validation

The Ultimate SMS Notifications for WooCommerce plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.1 via the 'Export Utility' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input into billing...

CVE-2022-2429 Ultimate SMS Notifications for WooCommerce <= 1.4.1 - CSV Injection

The Ultimate SMS Notifications for WooCommerce plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.1 via the 'Export Utility' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input into billing...

WordPress plugin Ultimate SMS Notifications for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...