wpvulndb | Ankur Bakre | WPVDB-ID:53C8190C-BAEF-4807-970B-F01AB440576A
May 18, 2022 - 12:00 a.m.

WP-CRM <= 1.2.1 - CSV Injection

wpscan.com

EPSS: 0.001
Percentile: 34.8%

The plugin does not validate and sanitise fields when exporting people to a CSV file, leading to a CSV injection vulnerability.

PoC

1. Add a new person, put the following CSV calculator payload into the Display Name, Phone Number and Description fields, and save the entry.
   Payload: =cmd|’ /C calc’!‘A1’ or =cmd|’ /C calc’!A0
2. In the All People section, click “Export CSV”.

If the CSV is opened in a vulnerable application, the payload will execute.
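
One way to close the gap described above, as an added example that is not WP-CRM's code: the export path prefixes any cell that starts with a formula trigger character with an apostrophe, following OWASP's CSV injection guidance. The function names, column names and sample rows are assumptions constructed for illustration.

```php
<?php
// Added example, not WP-CRM code. Column names and sample rows are constructed.

/**
 * Make a value safe to place in a CSV cell that may be opened in a spreadsheet.
 * A cell starting with =, +, -, @, tab or carriage return is prefixed with an
 * apostrophe so the application shows it as text instead of evaluating it.
 */
function csv_safe_cell($value): string
{
    $value = (string) $value;
    if ($value !== '' && strpbrk($value[0], "=+-@\t\r") !== false) {
        return "'" . $value;
    }
    return $value;
}

/** Write people records to an open stream, neutralising every cell. */
function export_people_csv(array $people, $stream): void
{
    $columns = ['display_name', 'phone_number', 'description']; // assumed names
    fputcsv($stream, $columns, ',', '"', '\\');
    foreach ($people as $person) {
        $row = [];
        foreach ($columns as $column) {
            $row[] = csv_safe_cell($person[$column] ?? '');
        }
        // fputcsv handles quoting of commas, quotes and newlines inside cells.
        fputcsv($stream, $row, ',', '"', '\\');
    }
}

// Constructed sample: the second record carries benign formula-style input
// standing in for the payload shown in the PoC.
$people = [
    ['display_name' => 'Alice Example', 'phone_number' => '555-0100',
     'description' => 'Regular contact'],
    ['display_name' => '=1+1', 'phone_number' => '+1 555 0101',
     'description' => '@SUM(A1:A2)'],
];

$out = fopen('php://output', 'w');
export_people_csv($people, $out);
fclose($out);
```

Legitimate values such as phone numbers that begin with + also receive the apostrophe, so apply the helper only at export time and leave the stored data unchanged.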
