4 matches found
CVE-2022-2429
The Ultimate SMS Notifications for WooCommerce plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.1 via the 'Export Utility' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input into billing...
CVE-2022-2429
The CVE-2022-2429 entry concerns the WordPress plugin “Ultimate SMS Notifications for WooCommerce.” The vulnerability is a CSV Injection in the plugin’s Export Utility, affecting versions up to and including 1.4.1. It allows authenticated attackers (e.g., subscribers) to inject untrusted data int...
CVE-2022-2429 Ultimate SMS Notifications for WooCommerce <= 1.4.1 - CSV Injection
The Ultimate SMS Notifications for WooCommerce plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.1 via the 'Export Utility' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input into billing...
CVE-2022-2429 Ultimate SMS Notifications for WooCommerce <= 1.4.1 - CSV Injection
The Ultimate SMS Notifications for WooCommerce plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.1 via the 'Export Utility' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input into billing...