CVE-2026-0814

The Advanced Contact form 7 DB plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'vszcf7exporttoexcel' function in all versions up to, and including, 2.0.9. This makes it possible for authenticated attackers, with Subscriber-level access an...

CVE-2026-0814

The CVE-2026-0814 entry concerns the WordPress plugin Advanced CF7 DB . A missing capability check in the function vsz_cf7_export_to_excel affects all versions up to and including 2.0.9 , enabling authenticated users with Subscriber-level access and above to export form submissions to Excel files...

CVE-2026-0814 Advanced CF7 DB <= 2.0.9 - Missing Authorization to Authenticated (Subscriber+) Form Submissions Excel Export

The Advanced Contact form 7 DB plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'vszcf7exporttoexcel' function in all versions up to, and including, 2.0.9. This makes it possible for authenticated attackers, with Subscriber-level access an...

The vulnerability of the “Export to Excel” plugin, which exists due to the lack of protective measures for website structures, allows attackers to carry out XSS attacks.

The vulnerability of the “Export to Excel” plugin exists due to the lack of security measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability of the plugin “Export to Excel. Exporting product catalogs for 1C-Bitrix. Creating price lists” allows a perpetrator to execute arbitrary commands.

The vulnerability of the plugin “Export to Excel. Exporting product catalogs for 1C-Bitrix. Creating price lists” is related to the failure to take measures to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a remote attacker to execute...

PT-2025-28936 · Ип Кривочуров Дмитрий Анатольевич · Экспорт В Excel. Выгрузка Каталога Товаров 1С-Битрикс. Создание Прайс-Листа

Уязвимость плагина «Экспорт в Excel» существует из-за непринятием мер по защите структуры веб-страницы. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, провести атаку межсайтового скриптинга XSS...

CVE-2024-24135

Product Name and Product Code in the 'Add Product' section of Sourcecodester Product Inventory with Export to Excel 1.0 are vulnerable to XSS attacks...

CVE-2024-24135

Product Name and Product Code in the 'Add Product' section of Sourcecodester Product Inventory with Export to Excel 1.0 are vulnerable to XSS attacks...

Cross site scripting

Product Name and Product Code in the 'Add Product' section of Sourcecodester Product Inventory with Export to Excel 1.0 are vulnerable to XSS attacks...

Product Inventory with Export to Excel Security Vulnerability

Product Inventory with Export to Excel is a product inventory application with export to Excel functionality by rems Personal Developer. A security vulnerability exists in Product Inventory with Export to Excel version 1.0, which stems from the Add Product feature being susceptible to cross-site...

CVE-2024-24135

Product Name and Product Code in the 'Add Product' section of Sourcecodester Product Inventory with Export to Excel 1.0 are vulnerable to XSS attacks...

PT-2024-20288 · Sourcecodester · Sourcecodester Product Inventory With Export To Excel

Name of the Vulnerable Software and Affected Versions: Sourcecodester Product Inventory with Export to Excel version 1.0 Description: The issue concerns cross-site scripting XSS attacks. Specifically, the Product Name and Product Code in the 'Add Product' section are vulnerable to such attacks...

CVE-2024-24135

Product Name and Product Code in the 'Add Product' section of Sourcecodester Product Inventory with Export to Excel 1.0 are vulnerable to XSS attacks...

Exploit for Cross-site Scripting in Remyandrade Product_Inventory_With_Export_To_Excel

CVE-2024-24135: Product Inventory with Export to Ex...

Description of the security update for SharePoint Server 2019: December 14, 2021 (KB5002054)

Description of the security update for SharePoint Server 2019: December 14, 2021 KB5002054 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerabilities, see t...

June 6, 2017, update for Office 2016 (KB3115281)

June 6, 2017, update for Office 2016 KB3115281 This article describes update KB3115281 for Microsoft Office 2016, which was released on June 6, 2017. This update has a prerequisite. Be aware that the update on the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of...

CVE-2018-20468

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution...

CVE-2018-20468

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution...

Code injection

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution...

CVE-2018-20468

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution...