CVE-2022-3026

The WP Users Exporter plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.2 via the 'Export Users' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input into profile information like First Names that...

CVE-2022-3026

The WP Users Exporter plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.2 via the 'Export Users' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input into profile information like First Names that...

Input validation

The WP Users Exporter plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.2 via the 'Export Users' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input into profile information like First Names that...

CVE-2022-3026

The WP Users Exporter plugin for WordPress (versions up to and including 1.4.2) is vulnerable to CSV Injection via the Export Users feature. An authenticated attacker (e.g., a subscriber) can inject untrusted data into profile fields (e.g., First Names) that are embedded in the CSV exported by an...

WordPress plugin WP Users Exporter 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

WordPress WP Users Exporter plugin <= 1.4.2 - CSV Injection vulnerability

CSV Injection vulnerability discovered by Zhouyuan Yang in WordPress WP Users Exporter plugin versions = 1.4.2. Solution Deactivate and delete. This plugin has been closed as of January 8, 2020 and is not available for download. Reason: Security Issue...