4 matches found
CVE-2022-2240
The Request a Quote WordPress plugin through 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection once an admin download and open it...
CVE-2022-2240
The Request a Quote WordPress plugin through 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection once an admin download and open it...
CVE-2022-2240
CVE-2022-2240 affects the WordPress plugin Request a Quote up to version 2.3.7, where the CSV upload handling does not validate uploaded CSV files. This allows unauthenticated users to attach a malicious CSV to a quote, enabling CSV injection when an admin downloads and opens the file. The vulner...
CVE-2022-2240 Request a Quote <= 2.3.7 - CSV Injection
The Request a Quote WordPress plugin through 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection once an admin download and open it...