2 matches found
CVE-2020-9466
The Export Users to CSV plugin through 1.4.2 for WordPress allows CSV Injection...
CVE-2020-9466
CVE-2020-9466 affects the WordPress plugin Export Users to CSV (≤1.4.2). An attacker who can register as a subscriber can inject CSV payloads into user-details fields; when an authenticated admin exports user data to CSV and opens it, the payload can execute (e.g., redirections to malicious sites...