CVE-2022-3558

Summary

The Import and export users and customers WordPress plugin before 1.20.5 does not properly escape data when exporting it via CSV files.

Affected Software

VendorProductVersion RangeStatus
UnknownImport and export users and customers1.20.5 < 1.20.5affected

Weaknesses

  • CWE-1236: CWE-1236 Improper Neutralization of Formula Elements in a CSV File

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References