5 matches found
CVE-2022-45370
Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee WordPress Comments Import & Export.This issue affects WordPress Comments Import & Export: from n/a through 2.3.1...
CVE-2022-45370
Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee WordPress Comments Import & Export.This issue affects WordPress Comments Import & Export: from n/a through 2.3.1...
CVE-2022-45370 WordPress WordPress Comments Import & Export plugin <= 2.3.1 - CSV Injection
A vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce.This issue affects Comments Import & Export: from n/a through = 2.3.1...
CVE-2022-45370
The CVE CVE-2022-45370 concerns the WebToffee WordPress Comments Import & Export plugin (versions 2.3.1 and earlier). The issue is an improper neutralization of formula elements in CSV files (CSV Injection) when importing/exporting comments, allowing unauthenticated attackers to craft CSV payload...
WordPress WordPress Comments Import & Export Plugin <= 2.3.1 is vulnerable to CSV Injection
Software WordPress Comments Import & Export Type Plugin Vulnerable versions = 2.3.1 Fixed in 2.3.2 OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2022-45370 Patch priority Low CVSS severity Low 6.1 Developer Claim ownership PSID aa57ae50e983 Credits Mika Required privilege...