WordPress plugin Import any XML or CSV File to WordPress 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in th...

WordPress plugin Import and export users and customers 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

CVE-2022-3463

CVE-2022-3463 concerns the WordPress Contact Form Plugin (FluentForm) before 4.3.13. The vulnerability is a CSV injection caused by not validating and escaping fields when exporting form entries as CSV. Affected product: WordPress FluentForm / Contact Form Plugin prior to 4.3.13. Impact: potentia...

CVE-2022-3558

CVE-2022-3558 affects the WordPress plugin Import and export users and customers, prior to version 1.20.5. The vulnerability arises from improper escaping of data when exporting to CSV, which enables CSV injection. The issue is demonstrated by a PoC showing crafted data (e.g., nickname payload) e...

IBM InfoSphere Information Server CSV Injection Vulnerability

IBM InfoSphere Information Server is a data integration platform from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. IBM InfoSphere Information Server version 11.7 has a CSV injection vulnerability, which stems from its...

CVE-2022-22425

"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 223598."...

CVE-2022-22425

"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 223598."...

Input validation

"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 223598."...

WordPress Export customers list csv for WooCommerce plugin <= 2.0.64 - CSV Injection vulnerability

CSV Injection vulnerability discovered by Francesco Carlucci in WordPress Export customers list csv for WooCommerce plugin versions = 2.0.64. Solution Update the WordPress Export customers list csv for WooCommerce plugin to the latest available version at least 2.0.69...

CVE-2022-22425

IBM InfoSphere Information Server 11.7 is identified as potentially vulnerable to CSV Injection due to improper validation of CSV file contents. The vulnerability could allow a remote attacker to execute arbitrary commands on the system; CVSS metrics in public records indicate a high impact (C, I...

PT-2022-15424 · Ibm · Ibm Infosphere Information Server

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue is related to CSV Injection, where a remote attacker could execute arbitrary commands on the system due to improper validation of csv file contents. Recommendations: For IB...

CVE-2022-22425

"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 223598."...

CVE-2022-22425

"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 223598."...

The vulnerability of the Export Users function implemented by the WP Users Exporter plugin of the WordPress content management system allows a hacker to perform cross-site scripting attacks.

The vulnerability of the “Export Users” function implementation in the WP Users Exporter plugin of the WordPress content management system is related to the lack of mechanisms to neutralize elements in the CSV file. Exploiting this vulnerability could allow a malicious actor to perform cross-site...

CVE-2022-40294

The application was identified to have an CSV injection in data export functionality, allowing for malicious code to be embedded within export data and then triggered in exported data viewers...

Design/Logic Flaw

The application was identified to have an CSV injection in data export functionality, allowing for malicious code to be embedded within export data and then triggered in exported data viewers...

CVE-2022-40294

CVE-2022-40294 concerns a CSV injection in the data export functionality of PHP Point of Sale version 19.0 from PHP Point of Sale, LLC. The vulnerability allows malicious code to be embedded in exported data and triggered in spreadsheet/viewer applications. The connected sources confirm the issue...

CVE-2022-40294 CSV Injection in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC

The application was identified to have an CSV injection in data export functionality, allowing for malicious code to be embedded within export data and then triggered in exported data viewers...

WordPress Easy Digital Downloads plugin <= 3.1.0.1.1 - Unauth. CSV Injection vulnerability

Unauth. CSV Injection vulnerability discovered by Francesco Carlucci in WordPress Easy Digital Downloads plugin versions = 3.1.0.1.1. Solution Update the WordPress Easy Digital Downloads plugin to the latest available version at least 3.1.0.2...

WordPress Post to CSV by BestWebSoft CSV Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A CSV injection vulnerabili...