CVE-2026-0814 Advanced CF7 DB <= 2.0.9 - Missing Authorization to Authenticated (Subscriber+) Form Submissions Excel Export

The Advanced Contact form 7 DB plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'vszcf7exporttoexcel' function in all versions up to, and including, 2.0.9. This makes it possible for authenticated attackers, with Subscriber-level access an...

CVE-2026-0814

The CVE-2026-0814 entry concerns the WordPress plugin Advanced CF7 DB . A missing capability check in the function vsz_cf7_export_to_excel affects all versions up to and including 2.0.9 , enabling authenticated users with Subscriber-level access and above to export form submissions to Excel files...

PT-2025-28936 · Ип Кривочуров Дмитрий Анатольевич · Экспорт В Excel. Выгрузка Каталога Товаров 1С-Битрикс. Создание Прайс-Листа

Уязвимость плагина «Экспорт в Excel» существует из-за непринятием мер по защите структуры веб-страницы. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, провести атаку межсайтового скриптинга XSS...

CVE-2024-24135

Product Name and Product Code in the 'Add Product' section of Sourcecodester Product Inventory with Export to Excel 1.0 are vulnerable to XSS attacks...

CVE-2024-24135

Product Name and Product Code in the 'Add Product' section of Sourcecodester Product Inventory with Export to Excel 1.0 are vulnerable to XSS attacks...

Description of the security update for SharePoint Server 2019: December 14, 2021 (KB5002054)

Description of the security update for SharePoint Server 2019: December 14, 2021 KB5002054 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerabilities, see t...

CVE-2018-20468

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution...

Code injection

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution...

CVE-2018-20468

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution...

Cumulative Update 25 for Microsoft Dynamics NAV 2017 (Build 26396)

Cumulative Update 25 for Microsoft Dynamics NAV 2017 Build 26396 This article applies to Microsoft Dynamics NAV 2017 for all countries and all language locales. Overview This cumulative update includes all hotfixes and regulatory features that have been released for Microsoft Dynamics NAV 2017,...