CVE-2022-1539

Description

The Exports and Reports WordPress plugin before 0.9.2 does not sanitize and validate data when generating the CSV to export, which could lead to a CSV injection, by the use of Microsoft Excel DDE function, or to leak data via maliciously injected hyperlinks.

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics