CVE-2022-38702

Improper Neutralization of Formula Elements in a CSV File vulnerability in Nakashima Masahiro WP CSV Exporter.This issue affects WP CSV Exporter: from n/a through 2.0...

EUVD-2022-41271

Malicious code in bioql PyPI...

EUVD-2022-42655

Malicious code in bioql PyPI...

CVE-2022-4368

The WP CSV WordPress plugin through 1.8.0.0 does not sanitize and escape a parameter before outputting it back in the page when importing a CSV, and doe snot have CSRF checks in place as well, leading to a Reflected Cross-Site Scripting...

CVE-2022-3249

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly sanitise and escape some parameters before using them in a SQL statement, allowing high privilege users such as admin to perform SQL injection attacks...

CVE-2022-38702

Improper Neutralization of Formula Elements in a CSV File vulnerability in Nakashima Masahiro WP CSV Exporter.This issue affects WP CSV Exporter: from n/a through 2.0...

Input validation

Improper Neutralization of Formula Elements in a CSV File vulnerability in Nakashima Masahiro WP CSV Exporter.This issue affects WP CSV Exporter: from n/a through 2.0...

CVE-2022-38702

Summary: The CVE-2022-38702 entry concerns the WordPress WP CSV Exporter plugin, affecting versions up to 2.0. Connected documents identify the issue as improper neutralization of formula elements in a CSV file (CSV injection) within WP CSV Exporter. What’s affected: WP CSV Exporter plugin for Wo...

PT-2023-13636 · WordPress · Wp Csv Exporter

Name of the Vulnerable Software and Affected Versions: WP CSV Exporter versions 2.0 and earlier Description: The issue is related to the improper neutralization of formula elements in a CSV file, which affects the WP CSV Exporter. Recommendations: For WP CSV Exporter versions 2.0 and earlier, at...

CVE-2022-47163

Cross-Site Request Forgery CSRF vulnerability in Tips and Tricks HQ, josh401 WP CSV to Database – Insert CSV file content into WordPress plugin = 2.6 versions...

CVE-2022-47163

CVE-2022-47163 is a CSRF vulnerability in the WordPress plugin WP CSV to Database by josh401, affecting versions

CVE-2022-4368 WP CSV <= 1.8.0.0 - Reflected XSS via CSV Import

The WP CSV WordPress plugin through 1.8.0.0 does not sanitize and escape a parameter before outputting it back in the page when importing a CSV, and doe snot have CSRF checks in place as well, leading to a Reflected Cross-Site Scripting...

CVE-2022-4368

CVE-2022-4368 affects the WP CSV WordPress plugin (versions up to 1.8.0.0). The vulnerability is a Reflected XSS caused by failing to sanitize/escape a parameter during CSV import and lacking CSRF checks, exposed when the parameter is echoed back on the page. Several connected sources confirm the...

CVE-2022-3605

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when exporting data as CSV, leading to a CSV injection vulnerability...

Input validation

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when exporting data as CSV, leading to a CSV injection vulnerability...

CVE-2022-3605 WP CSV Exporter < 1.3.7 - CSV Injection

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when exporting data as CSV, leading to a CSV injection vulnerability...

CVE-2022-3605 WP CSV Exporter < 1.3.7 - CSV Injection

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when exporting data as CSV, leading to a CSV injection vulnerability...

CVE-2022-3605

The CVE-2022-3605 entry concerns the WP CSV Exporter WordPress plugin, affected versions prior to 1.3.7. The root cause is improper escaping of fields during CSV export, resulting in a CSV injection vulnerability. Practical impact is that exporting data to CSV may allow crafted inputs to trigger ...

PT-2022-23142 · WordPress · Wp Csv Exporter

Name of the Vulnerable Software and Affected Versions: WP CSV Exporter WordPress plugin versions prior to 1.3.7 Description: The issue arises from the WP CSV Exporter WordPress plugin's failure to properly escape fields when exporting data as CSV, leading to a CSV injection vulnerability...

CVE-2022-3249

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly sanitise and escape some parameters before using them in a SQL statement, allowing high privilege users such as admin to perform SQL injection attacks...