2 matches found
CVE-2022-3605 WP CSV Exporter < 1.3.7 - CSV Injection
The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when exporting data as CSV, leading to a CSV injection vulnerability...
CVE-2022-3605
The CVE-2022-3605 entry concerns the WP CSV Exporter WordPress plugin, affected versions prior to 1.3.7. The root cause is improper escaping of fields during CSV export, resulting in a CSV injection vulnerability. Practical impact is that exporting data to CSV may allow crafted inputs to trigger ...