ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Export Users to CSV plugin <= 1.1.1 - CSV Injection vulnerability

Product
Export Users to CSV
Description
CSV Injection vulnerability found by Javier Olmedo in WordPress Export Users to CSV plugin (versions <= 1.1.1).
Solution
2018.09.01 - we were unable to find a patched version of this plugin.
Classification
Type Unknown
OWASP Top 10 A1: Injection
References
Plugin changelog
CVE
Name CVE-2018-15571
Versions
Affected In <= 1.1.1
Disclosure date
2018-09-01
Credits
Javier Olmedo
Submitter
ThreatPress