3 matches found
CVE-2022-3600 Easy Digital Downloads < 3.1.0.2 - Unauthenticated CSV Injection
The Easy Digital Downloads WordPress plugin before 3.1.0.2 does not validate data when its output in a CSV file, which could lead to CSV injection...
CVE-2022-3600
The CVE-2022-3600 vulnerability affects the Easy Digital Downloads WordPress plugin prior to version 3.1.0.2. The issue is that the plugin does not validate data when exporting to CSV, enabling CSV/formula injection. Impact is described as potentially enabling injection in CSV files opened by use...
CVE-2022-3600 Easy Digital Downloads < 3.1.0.2 - Unauthenticated CSV Injection
The Easy Digital Downloads WordPress plugin before 3.1.0.2 does not validate data when its output in a CSV file, which could lead to CSV injection...