CVE-2022-38702

Improper Neutralization of Formula Elements in a CSV File vulnerability in Nakashima Masahiro WP CSV Exporter.This issue affects WP CSV Exporter: from n/a through 2.0...

EUVD-2022-42655

Malicious code in bioql PyPI...

EUVD-2022-41271

Malicious code in bioql PyPI...

CVE-2022-3249

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly sanitise and escape some parameters before using them in a SQL statement, allowing high privilege users such as admin to perform SQL injection attacks...

CVE-2022-38702

Improper Neutralization of Formula Elements in a CSV File vulnerability in Nakashima Masahiro WP CSV Exporter.This issue affects WP CSV Exporter: from n/a through 2.0...

Input validation

Improper Neutralization of Formula Elements in a CSV File vulnerability in Nakashima Masahiro WP CSV Exporter.This issue affects WP CSV Exporter: from n/a through 2.0...

CVE-2022-38702

Summary: The CVE-2022-38702 entry concerns the WordPress WP CSV Exporter plugin, affecting versions up to 2.0. Connected documents identify the issue as improper neutralization of formula elements in a CSV file (CSV injection) within WP CSV Exporter. What’s affected: WP CSV Exporter plugin for Wo...

PT-2023-13636 · WordPress · Wp Csv Exporter

Name of the Vulnerable Software and Affected Versions: WP CSV Exporter versions 2.0 and earlier Description: The issue is related to the improper neutralization of formula elements in a CSV file, which affects the WP CSV Exporter. Recommendations: For WP CSV Exporter versions 2.0 and earlier, at...

CVE-2022-3605

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when exporting data as CSV, leading to a CSV injection vulnerability...

Input validation

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when exporting data as CSV, leading to a CSV injection vulnerability...

CVE-2022-3605 WP CSV Exporter < 1.3.7 - CSV Injection

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when exporting data as CSV, leading to a CSV injection vulnerability...

CVE-2022-3605 WP CSV Exporter < 1.3.7 - CSV Injection

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when exporting data as CSV, leading to a CSV injection vulnerability...

CVE-2022-3605

The CVE-2022-3605 entry concerns the WP CSV Exporter WordPress plugin, affected versions prior to 1.3.7. The root cause is improper escaping of fields during CSV export, resulting in a CSV injection vulnerability. Practical impact is that exporting data to CSV may allow crafted inputs to trigger ...

PT-2022-23142 · WordPress · Wp Csv Exporter

Name of the Vulnerable Software and Affected Versions: WP CSV Exporter WordPress plugin versions prior to 1.3.7 Description: The issue arises from the WP CSV Exporter WordPress plugin's failure to properly escape fields when exporting data as CSV, leading to a CSV injection vulnerability...

CVE-2022-3249

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly sanitise and escape some parameters before using them in a SQL statement, allowing high privilege users such as admin to perform SQL injection attacks...

CVE-2022-3249

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly sanitise and escape some parameters before using them in a SQL statement, allowing high privilege users such as admin to perform SQL injection attacks...

Sql injection

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly sanitise and escape some parameters before using them in a SQL statement, allowing high privilege users such as admin to perform SQL injection attacks...

CVE-2022-3249

The CVE-2022-3249 vulnerability affects the WP CSV Exporter WordPress plugin prior to version 1.3.7. The root cause is improper sanitisation/escaping of certain parameters before they are used in SQL statements, enabling authenticated high-privilege users (e.g., admins) to perform SQL injection. ...

CVE-2022-3249 WP CSV Exporter < 1.3.7 - Admin+ SQLi

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly sanitise and escape some parameters before using them in a SQL statement, allowing high privilege users such as admin to perform SQL injection attacks...