ThreatPress

WordPress Vulnerability Database

Back

WordPress Easy Registration Forms plugin <= 2.0.6 - CSV Injection vulnerability

Product
Easy Registration Forms
Description
CSV Injection vulnerability found by Mohamad Pishdar (cert.ikiu.ac.ir) in WordPress Easy Registration Forms plugin (versions <= 2.0.6).
Solution
2020-11-20 - we were unable to find information about the fix for this vulnerability.
Classification
Type Unknown
OWASP Top 10 A1: Injection
References
Vulnerability details
Plugin changelog
CVE
Name CVE-2020-22275
Versions
Affected In <= 2.0.6
Fixed In 2.0.7
Disclosure date
2020-11-20
Credits
Mohamad Pishdar