5078 matches found

OSV
added 2022/12/12 6:15 p.m. · 1 view

CVE-2022-3605

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when exporting data as CSV, leading to a CSV injection vulnerability...

7.8 CVSS · 5.8 AI score · 0.0041 EPSS
Exploits 1 · References 1

Prion
added 2022/12/12 6:15 p.m. · 16 views

Input validation

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when exporting data as CSV, leading to a CSV injection vulnerability...

4.4 CVSS · 7.7 AI score · 0.0041 EPSS
Exploits 1 · References 1 · Affected Software 1

CVE
added 2022/12/12 5:54 p.m. · 57 views

CVE-2022-3605

The CVE-2022-3605 entry concerns the WP CSV Exporter WordPress plugin, affected versions prior to 1.3.7. The root cause is improper escaping of fields during CSV export, resulting in a CSV injection vulnerability. Practical impact is that exporting data to CSV may allow crafted inputs to trigger ...

7.8 CVSS · 7.7 AI score · 0.0041 EPSS
Exploits 1 · References 1 · Affected Software 1

Vulnrichment
added 2022/12/12 5:54 p.m. · 6 views

CVE-2022-3605 WP CSV Exporter < 1.3.7 - CSV Injection

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when exporting data as CSV, leading to a CSV injection vulnerability...

7.9 AI score · 0.0041 EPSS
Exploits 1 · References 1

Cvelist
added 2022/12/12 5:54 p.m. · 14 views

CVE-2022-3605 WP CSV Exporter < 1.3.7 - CSV Injection

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when exporting data as CSV, leading to a CSV injection vulnerability...

7.9 AI score · 0.0041 EPSS
Exploits 1 · References 1

Cvelist
added 2022/12/12 5:54 p.m. · 22 views

CVE-2022-3853 Supra CSV <= 4.0.3 - Stored Cross-Site Scripting via CSRF

Cross-site Scripting (XSS) is a client-side code injection attack. The attacker aims to execute malicious scripts in a web browser of the victim by including malicious code in a legitimate web page or web application...

5.8 AI score · 0.00209 EPSS
Exploits 0 · References 1

Positive Technologies
added 2022/12/12 12:00 a.m. · 3 views

PT-2022-23142 · WordPress · Wp Csv Exporter

Name of the Vulnerable Software and Affected Versions: WP CSV Exporter WordPress plugin versions prior to 1.3.7 Description: The issue arises from the WP CSV Exporter WordPress plugin's failure to properly escape fields when exporting data as CSV, leading to a CSV injection vulnerability...

7.8 CVSS · 7.4 AI score · 0.0041 EPSS
Exploits 1 · References 6

CNNVD
added 2022/12/12 12:00 a.m. · 2 views

WordPress plugin Supra CSV cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forger...

5.4 CVSS · 5.7 AI score · 0.00209 EPSS
Exploits 0 · References 3

CNNVD
added 2022/12/12 12:00 a.m. · 3 views

WordPress plugin WP CSV Exporter security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

7.8 CVSS · 7.4 AI score · 0.0041 EPSS
Exploits 1 · References 2

RedHat Linux
added 2022/12/06 2:00 p.m. · 45 views

Low: Red Hat Security Advisory: RHACS 3.73 enhancement and security update

Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes new features and bug fixes. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...

7.5 CVSS · 6.9 AI score · 0.02676 EPSS
Exploits 2 · References 4

OSV
added 2022/12/05 5:15 p.m. · 2 views

CVE-2022-3249

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly sanitise and escape some parameters before using them in a SQL statement, allowing high privilege users such as admin to perform SQL injection attacks...

7.2 CVSS · 5.8 AI score · 0.0097 EPSS
Exploits 2 · References 1

NVD
added 2022/12/05 5:15 p.m. · 23 views

CVE-2022-3249

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly sanitise and escape some parameters before using them in a SQL statement, allowing high privilege users such as admin to perform SQL injection attacks...

7.2 CVSS · 0.0097 EPSS
Exploits 2 · References 1

Prion
added 2022/12/05 5:15 p.m. · 20 views

SQL injection

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly sanitise and escape some parameters before using them in a SQL statement, allowing high privilege users such as admin to perform SQL injection attacks...

5.8 CVSS · 7.1 AI score · 0.0097 EPSS
Exploits 2 · References 1 · Affected Software 1

Cvelist
added 2022/12/05 4:50 p.m. · 29 views

CVE-2022-3249 WP CSV Exporter < 1.3.7 - Admin+ SQLi

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly sanitise and escape some parameters before using them in a SQL statement, allowing high privilege users such as admin to perform SQL injection attacks...

7.4 AI score · 0.0097 EPSS
Exploits 2 · References 1

CVE
added 2022/12/05 4:50 p.m. · 51 views

CVE-2022-3249

The CVE-2022-3249 vulnerability affects the WP CSV Exporter WordPress plugin prior to version 1.3.7. The root cause is improper sanitisation/escaping of certain parameters before they are used in SQL statements, enabling authenticated high-privilege users (e.g., admins) to perform SQL injection. ...

7.2 CVSS · 7.1 AI score · 0.0097 EPSS
Exploits 2 · References 1 · Affected Software 1

Vulnrichment
added 2022/12/05 4:50 p.m. · 5 views

CVE-2022-3249 WP CSV Exporter < 1.3.7 - Admin+ SQLi

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly sanitise and escape some parameters before using them in a SQL statement, allowing high privilege users such as admin to perform SQL injection attacks...

7.3 AI score · 0.0097 EPSS
Exploits 2 · References 1

CNNVD
added 2022/12/05 12:00 a.m. · 4 views

WordPress plugin WP CSV Exporter SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...

7.2 CVSS · 7.3 AI score · 0.0097 EPSS
Exploits 2 · References 2

CNVD
added 2022/11/30 12:00 a.m. · 15 views

WordPress Appointment Hour Booking plugin suffers from CSV injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A CSV injection vulnerabili...

7.8 CVSS · 6.8 AI score · 0.00614 EPSS
Exploits 1 · References 1

CNVD
added 2022/11/30 12:00 a.m. · 15 views

WordPress Export customers list csv for WooCommerce plugin CSV Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Export customers...

9.8 CVSS · 9.7 AI score · 0.01069 EPSS
Exploits 1 · References 1

NVD
added 2022/11/29 9:15 p.m. · 26 views

CVE-2022-4034

The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.3.72. This makes it possible for unauthenticated attackers to embed untrusted input into content during booking creation that may be exported as a CSV file when a site's...

7.8 CVSS · 0.00614 EPSS
Exploits 1 · References 3