4 matches found
CVE-2019-20180
The TablePress plugin 1.9.2 for WordPress allows tablepressdata CSV injection by Editor users. Note: The vendor disputes this issue and argues that this responsibility lies with the application that opens the CSV file and not TablePress...
WordPress TablePress Plugin < 1.10 CSV Injection Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.112685";...
CVE-2019-20180
The TablePress plugin 1.9.2 for WordPress allows tablepressdata CSV injection by Editor users. Note: The vendor disputes this issue and argues that this responsibility lies with the application that opens the CSV file and not TablePress...
CVE-2019-20180
The CVE-2019-20180 entry concerns the WordPress TablePress plugin, version 1.9.2. The documented issue is a CSV injection in tablepress[data] that can be triggered by Editor users when exporting data, with the underlying claim that the vulnerability arises from how CSV is opened by the target app...