Lucene search
Ankur BakreWPEX-ID:53C8190C-BAEF-4807-970B-F01AB440576AHistoryMay 18, 2022 - 12:00 a.m.
WP-CRM <= 1.2.1 - CSV Injection
2022-05-1800:00:00
Ankur Bakre
79
wp-crm
csv injection
calculator payload
export csv
vulnerable application
EPSS
0.001
Percentile
34.8%
The plugin does not validate and sanitise fields when exporting people to a CSV file, leading to a CSV injection vulnerability.
1. Add new person and put the following CSV calculator payload into the Display Name, Phone Number and Description field and save the entry.
payload : =cmd|' /C calc'!'A1' or =cmd|' /C calc'!A0
2. In the All People section, click on "Export CSV"
If the csv is opened in a vulnerable application, the payload will execute.Related
nvd
nvd
CVE-2022-1202
2022-06-13 13:15:10
prion
prion
Input validation
2022-06-13 13:15:00
cve
cve
CVE-2022-1202
2022-06-13 13:15:10
wpvulndb
wpvulndb
WP-CRM <= 1.2.1 - CSV Injection
2022-05-18 00:00:00
patchstack
patchstack
WordPress WP-CRM plugin <= 1.2.1 - CSV Injection vulnerability
2022-05-18 00:00:00
cvelist
cvelist
CVE-2022-1202 WP-CRM <= 1.2.1 - CSV Injection
2022-06-13 12:41:41
cnvd
cnvd
WordPress WP-CRM plugin CSV injection vulnerability
2022-06-15 00:00:00