Back to search
CVE-2022-2146
Published: Jul 17, 2022
Modified: Aug 3, 2024
PUBLISHED
Description
The Import CSV Files WordPress plugin through 1.0 does not sanitise and escaped imported data before outputting them back in a page, and is lacking CSRF check when performing such action as well, resulting in a Reflected Cross-Site Scripting
| Vendor | Product | Versions |
|---|---|---|
Unknown | Import CSV Files | affected 0 - <= 1.0 |
References
https://wpscan.com/vulnerability/adc1d752-331e-44af-b5dc-b463d56c2cb4
exploit
vdb-entry
technical-description
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now