Malicious code in @add-wallet-exchange/set-imported-csv-message (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 85e68f887715288c07927e0e74544a85fd8c7f1fd0ea7afe1ff8d50322fcaa34 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2022-1255

The Import and export users and customers WordPress plugin before 1.19.2.1 does not sanitise and escaped imported CSV data, which could allow high privilege users to import malicious javascript code and lead to Stored Cross-Site Scripting issues...