Common Weakness Enumeration

CWE-1236

Allowed

Improper Neutralization of Formula Elements in a CSV File

Abstraction: Base · Status: Incomplete

The product saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by a spreadsheet product.

401 vulnerabilities reference this CWE, most recent first.

CVE-2022-3026 (GCVE-0-2022-3026)

Vulnerability from cvelistv5 – Published: 2022-09-06 17:19 – Updated: 2026-04-08 17:02
VLAI
Title
WP Users Exporter <= 1.4.2 - CSV Injection
Summary
The WP Users Exporter plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.2 via the 'Export Users' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input into profile information like First Names that will embed into the exported CSV file triggered by an administrator and can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration.
CWE
  • CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Assigner
Impacted products
Vendor Product Version
leogermani WP Users Exporter Affected: 0 , ≤ 1.4.2 (semver)
Create a notification for this product.
Credits
Zhouyuan Yang
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:53:00.461Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7da1d7cf-e8b5-4b7c-bdc1-13ef8c11b663?source=cve"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/browser/wp-users-exporter/trunk/A_UserExporter.class.php"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-3026"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "WP Users Exporter",
          "vendor": "leogermani",
          "versions": [
            {
              "lessThanOrEqual": "1.4.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Zhouyuan Yang"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The WP Users Exporter plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.2 via the \u0027Export Users\u0027 functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input into profile information like First Names that will embed into the exported CSV file triggered by an administrator and can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1236",
              "description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:02:56.882Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7da1d7cf-e8b5-4b7c-bdc1-13ef8c11b663?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/wp-users-exporter/trunk/A_UserExporter.class.php"
        },
        {
          "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-3026"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2019-12-30T00:00:00.000Z",
          "value": "Vendor Notified"
        },
        {
          "lang": "en",
          "time": "2022-08-29T00:00:00.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "WP Users Exporter \u003c= 1.4.2 - CSV Injection"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2022-3026",
    "datePublished": "2022-09-06T17:19:02.000Z",
    "dateReserved": "2022-08-29T00:00:00.000Z",
    "dateUpdated": "2026-04-08T17:02:56.882Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2022-2798 (GCVE-0-2022-2798)

Vulnerability from cvelistv5 – Published: 2022-09-16 08:40 – Updated: 2024-08-03 00:46
VLAI
Title
Affiliates Manager < 2.9.14 - Affiliate CSV Injection
Summary
The Affiliates Manager WordPress plugin before 2.9.14 does not validate and sanitise the affiliate data, which could allow users registering as affiliate to perform CSV injection attacks against an admin exporting the data
Severity
No CVSS data available.
CWE
  • CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Assigner
References
Impacted products
Vendor Product Version
Unknown Affiliates Manager Affected: 2.9.14 , < 2.9.14 (custom)
Create a notification for this product.
Credits
nhatnam
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:46:04.536Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wpscan.com/vulnerability/f169567d-c682-4abe-94df-a9d00be90edd"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Affiliates Manager",
          "vendor": "Unknown",
          "versions": [
            {
              "lessThan": "2.9.14",
              "status": "affected",
              "version": "2.9.14",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "nhatnam"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Affiliates Manager WordPress plugin before 2.9.14 does not validate and sanitise the affiliate data, which could allow users registering as affiliate to perform CSV injection attacks against an admin exporting the data"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1236",
              "description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-16T08:40:34.000Z",
        "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "shortName": "WPScan"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wpscan.com/vulnerability/f169567d-c682-4abe-94df-a9d00be90edd"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Affiliates Manager \u003c 2.9.14 - Affiliate CSV Injection",
      "x_generator": "WPScan CVE Generator",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "contact@wpscan.com",
          "ID": "CVE-2022-2798",
          "STATE": "PUBLIC",
          "TITLE": "Affiliates Manager \u003c 2.9.14 - Affiliate CSV Injection"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Affiliates Manager",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "2.9.14",
                            "version_value": "2.9.14"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Unknown"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "nhatnam"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Affiliates Manager WordPress plugin before 2.9.14 does not validate and sanitise the affiliate data, which could allow users registering as affiliate to perform CSV injection attacks against an admin exporting the data"
            }
          ]
        },
        "generator": "WPScan CVE Generator",
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wpscan.com/vulnerability/f169567d-c682-4abe-94df-a9d00be90edd",
              "refsource": "MISC",
              "url": "https://wpscan.com/vulnerability/f169567d-c682-4abe-94df-a9d00be90edd"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
    "assignerShortName": "WPScan",
    "cveId": "CVE-2022-2798",
    "datePublished": "2022-09-16T08:40:34.000Z",
    "dateReserved": "2022-08-12T00:00:00.000Z",
    "dateUpdated": "2024-08-03T00:46:04.536Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-2240 (GCVE-0-2022-2240)

Vulnerability from cvelistv5 – Published: 2022-07-25 12:47 – Updated: 2024-08-03 00:32
VLAI
Title
Request a Quote <= 2.3.7 - CSV Injection
Summary
The Request a Quote WordPress plugin through 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection once an admin download and open it
Severity
No CVSS data available.
CWE
  • CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Assigner
References
Impacted products
Vendor Product Version
Unknown Request a Quote Affected: 2.3.7 , ≤ 2.3.7 (custom)
Create a notification for this product.
Credits
Benachi
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:32:09.260Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wpscan.com/vulnerability/6a3a573e-f9f2-45ec-9156-332cc551fc7e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Request a Quote",
          "vendor": "Unknown",
          "versions": [
            {
              "lessThanOrEqual": "2.3.7",
              "status": "affected",
              "version": "2.3.7",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Benachi"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Request a Quote WordPress plugin through 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection once an admin download and open it"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1236",
              "description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-25T12:47:54.000Z",
        "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "shortName": "WPScan"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wpscan.com/vulnerability/6a3a573e-f9f2-45ec-9156-332cc551fc7e"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Request a Quote \u003c= 2.3.7 - CSV Injection",
      "x_generator": "WPScan CVE Generator",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "contact@wpscan.com",
          "ID": "CVE-2022-2240",
          "STATE": "PUBLIC",
          "TITLE": "Request a Quote \u003c= 2.3.7 - CSV Injection"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Request a Quote",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "2.3.7",
                            "version_value": "2.3.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Unknown"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Benachi"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Request a Quote WordPress plugin through 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection once an admin download and open it"
            }
          ]
        },
        "generator": "WPScan CVE Generator",
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wpscan.com/vulnerability/6a3a573e-f9f2-45ec-9156-332cc551fc7e",
              "refsource": "MISC",
              "url": "https://wpscan.com/vulnerability/6a3a573e-f9f2-45ec-9156-332cc551fc7e"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
    "assignerShortName": "WPScan",
    "cveId": "CVE-2022-2240",
    "datePublished": "2022-07-25T12:47:55.000Z",
    "dateReserved": "2022-06-28T00:00:00.000Z",
    "dateUpdated": "2024-08-03T00:32:09.260Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-2112 (GCVE-0-2022-2112)

Vulnerability from cvelistv5 – Published: 2022-06-17 10:15 – Updated: 2024-08-03 00:24
VLAI
Title
Improper Neutralization of Formula Elements in a CSV File in inventree/inventree
Summary
Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2.
CWE
  • CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Assigner
References
Impacted products
Vendor Product Version
inventree inventree/inventree Affected: unspecified , < 0.7.2 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:24:44.196Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84f"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://huntr.dev/bounties/e57c36e7-fa39-435f-944a-3a52ee066f73"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "inventree/inventree",
          "vendor": "inventree",
          "versions": [
            {
              "lessThan": "0.7.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1236",
              "description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-17T10:15:16.000Z",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntrdev"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84f"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://huntr.dev/bounties/e57c36e7-fa39-435f-944a-3a52ee066f73"
        }
      ],
      "source": {
        "advisory": "e57c36e7-fa39-435f-944a-3a52ee066f73",
        "discovery": "EXTERNAL"
      },
      "title": "Improper Neutralization of Formula Elements in a CSV File in inventree/inventree",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@huntr.dev",
          "ID": "CVE-2022-2112",
          "STATE": "PUBLIC",
          "TITLE": "Improper Neutralization of Formula Elements in a CSV File in inventree/inventree"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "inventree/inventree",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "0.7.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "inventree"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84f",
              "refsource": "MISC",
              "url": "https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84f"
            },
            {
              "name": "https://huntr.dev/bounties/e57c36e7-fa39-435f-944a-3a52ee066f73",
              "refsource": "CONFIRM",
              "url": "https://huntr.dev/bounties/e57c36e7-fa39-435f-944a-3a52ee066f73"
            }
          ]
        },
        "source": {
          "advisory": "e57c36e7-fa39-435f-944a-3a52ee066f73",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntrdev",
    "cveId": "CVE-2022-2112",
    "datePublished": "2022-06-17T10:15:16.000Z",
    "dateReserved": "2022-06-17T00:00:00.000Z",
    "dateUpdated": "2024-08-03T00:24:44.196Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-2027 (GCVE-0-2022-2027)

Vulnerability from cvelistv5 – Published: 2022-06-08 08:35 – Updated: 2024-08-03 00:24
VLAI
Title
Improper Neutralization of Formula Elements in a CSV File in kromitgmbh/titra
Summary
Improper Neutralization of Formula Elements in a CSV File in GitHub repository kromitgmbh/titra prior to 0.77.0.
CWE
  • CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Assigner
References
Impacted products
Vendor Product Version
kromitgmbh kromitgmbh/titra Affected: unspecified , < 0.77.0 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:24:44.064Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/kromitgmbh/titra/commit/e606b674a2b7564407d89e38a341d72e22b14694"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://huntr.dev/bounties/fb99c27c-7eaa-48db-be39-b804cb83871d"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "kromitgmbh/titra",
          "vendor": "kromitgmbh",
          "versions": [
            {
              "lessThan": "0.77.0",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper Neutralization of Formula Elements in a CSV File in GitHub repository kromitgmbh/titra prior to 0.77.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1236",
              "description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-08T08:35:23.000Z",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntrdev"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/kromitgmbh/titra/commit/e606b674a2b7564407d89e38a341d72e22b14694"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://huntr.dev/bounties/fb99c27c-7eaa-48db-be39-b804cb83871d"
        }
      ],
      "source": {
        "advisory": "fb99c27c-7eaa-48db-be39-b804cb83871d",
        "discovery": "EXTERNAL"
      },
      "title": "Improper Neutralization of Formula Elements in a CSV File in kromitgmbh/titra",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@huntr.dev",
          "ID": "CVE-2022-2027",
          "STATE": "PUBLIC",
          "TITLE": "Improper Neutralization of Formula Elements in a CSV File in kromitgmbh/titra"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "kromitgmbh/titra",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "0.77.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "kromitgmbh"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Improper Neutralization of Formula Elements in a CSV File in GitHub repository kromitgmbh/titra prior to 0.77.0."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/kromitgmbh/titra/commit/e606b674a2b7564407d89e38a341d72e22b14694",
              "refsource": "MISC",
              "url": "https://github.com/kromitgmbh/titra/commit/e606b674a2b7564407d89e38a341d72e22b14694"
            },
            {
              "name": "https://huntr.dev/bounties/fb99c27c-7eaa-48db-be39-b804cb83871d",
              "refsource": "CONFIRM",
              "url": "https://huntr.dev/bounties/fb99c27c-7eaa-48db-be39-b804cb83871d"
            }
          ]
        },
        "source": {
          "advisory": "fb99c27c-7eaa-48db-be39-b804cb83871d",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntrdev",
    "cveId": "CVE-2022-2027",
    "datePublished": "2022-06-08T08:35:23.000Z",
    "dateReserved": "2022-06-08T00:00:00.000Z",
    "dateUpdated": "2024-08-03T00:24:44.064Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-1544 (GCVE-0-2022-1544)

Vulnerability from cvelistv5 – Published: 2022-05-01 11:45 – Updated: 2024-08-03 00:10
VLAI
Title
Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in luyadev/yii-helpers
Summary
Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained confidential data.
CWE
  • CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Assigner
References
Impacted products
Vendor Product Version
luyadev luyadev/yii-helpers Affected: unspecified , < 1.2.1 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:10:02.924Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://huntr.dev/bounties/fa6d6e75-bc7a-40f6-9bdd-2541318912d4"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/luyadev/yii-helpers/commit/9956ed63f516110c2b588471507b870e748c4cfb"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "luyadev/yii-helpers",
          "vendor": "luyadev",
          "versions": [
            {
              "lessThan": "1.2.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained confidential data."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1236",
              "description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-01T11:45:12.000Z",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntrdev"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://huntr.dev/bounties/fa6d6e75-bc7a-40f6-9bdd-2541318912d4"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/luyadev/yii-helpers/commit/9956ed63f516110c2b588471507b870e748c4cfb"
        }
      ],
      "source": {
        "advisory": "fa6d6e75-bc7a-40f6-9bdd-2541318912d4",
        "discovery": "EXTERNAL"
      },
      "title": "Formula Injection/CSV Injection due to Improper Neutralization of  Formula Elements  in CSV File in luyadev/yii-helpers",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@huntr.dev",
          "ID": "CVE-2022-1544",
          "STATE": "PUBLIC",
          "TITLE": "Formula Injection/CSV Injection due to Improper Neutralization of  Formula Elements  in CSV File in luyadev/yii-helpers"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "luyadev/yii-helpers",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "1.2.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "luyadev"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained confidential data."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://huntr.dev/bounties/fa6d6e75-bc7a-40f6-9bdd-2541318912d4",
              "refsource": "CONFIRM",
              "url": "https://huntr.dev/bounties/fa6d6e75-bc7a-40f6-9bdd-2541318912d4"
            },
            {
              "name": "https://github.com/luyadev/yii-helpers/commit/9956ed63f516110c2b588471507b870e748c4cfb",
              "refsource": "MISC",
              "url": "https://github.com/luyadev/yii-helpers/commit/9956ed63f516110c2b588471507b870e748c4cfb"
            }
          ]
        },
        "source": {
          "advisory": "fa6d6e75-bc7a-40f6-9bdd-2541318912d4",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntrdev",
    "cveId": "CVE-2022-1544",
    "datePublished": "2022-05-01T11:45:12.000Z",
    "dateReserved": "2022-05-01T00:00:00.000Z",
    "dateUpdated": "2024-08-03T00:10:02.924Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-1539 (GCVE-0-2022-1539)

Vulnerability from cvelistv5 – Published: 2022-07-25 12:46 – Updated: 2024-08-03 00:10
VLAI
Title
Exports and Reports < 0.9.2 - Contributor+ CSV Injection
Summary
The Exports and Reports WordPress plugin before 0.9.2 does not sanitize and validate data when generating the CSV to export, which could lead to a CSV injection, by the use of Microsoft Excel DDE function, or to leak data via maliciously injected hyperlinks.
Severity
No CVSS data available.
CWE
  • CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Assigner
References
Impacted products
Vendor Product Version
Unknown Exports and Reports Affected: 0.9.2 , < 0.9.2 (custom)
Create a notification for this product.
Credits
websafe2021
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:10:03.492Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wpscan.com/vulnerability/50f70927-9677-4ba4-a388-0a41ed356523"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Exports and Reports",
          "vendor": "Unknown",
          "versions": [
            {
              "lessThan": "0.9.2",
              "status": "affected",
              "version": "0.9.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "websafe2021"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Exports and Reports WordPress plugin before 0.9.2 does not sanitize and validate data when generating the CSV to export, which could lead to a CSV injection, by the use of Microsoft Excel DDE function, or to leak data via maliciously injected hyperlinks."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1236",
              "description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-25T12:46:03.000Z",
        "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "shortName": "WPScan"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wpscan.com/vulnerability/50f70927-9677-4ba4-a388-0a41ed356523"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Exports and Reports \u003c 0.9.2 - Contributor+ CSV Injection",
      "x_generator": "WPScan CVE Generator",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "contact@wpscan.com",
          "ID": "CVE-2022-1539",
          "STATE": "PUBLIC",
          "TITLE": "Exports and Reports \u003c 0.9.2 - Contributor+ CSV Injection"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Exports and Reports",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "0.9.2",
                            "version_value": "0.9.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Unknown"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "websafe2021"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Exports and Reports WordPress plugin before 0.9.2 does not sanitize and validate data when generating the CSV to export, which could lead to a CSV injection, by the use of Microsoft Excel DDE function, or to leak data via maliciously injected hyperlinks."
            }
          ]
        },
        "generator": "WPScan CVE Generator",
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wpscan.com/vulnerability/50f70927-9677-4ba4-a388-0a41ed356523",
              "refsource": "MISC",
              "url": "https://wpscan.com/vulnerability/50f70927-9677-4ba4-a388-0a41ed356523"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
    "assignerShortName": "WPScan",
    "cveId": "CVE-2022-1539",
    "datePublished": "2022-07-25T12:46:03.000Z",
    "dateReserved": "2022-04-29T00:00:00.000Z",
    "dateUpdated": "2024-08-03T00:10:03.492Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-1202 (GCVE-0-2022-1202)

Vulnerability from cvelistv5 – Published: 2022-06-13 12:41 – Updated: 2024-08-02 23:55
VLAI
Title
WP-CRM <= 1.2.1 - CSV Injection
Summary
The WP-CRM WordPress plugin through 1.2.1 does not validate and sanitise fields when exporting people to a CSV file, leading to a CSV injection vulnerability.
Severity
No CVSS data available.
CWE
  • CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Assigner
References
Impacted products
Credits
Ankur Bakre
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:55:24.229Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wpscan.com/vulnerability/53c8190c-baef-4807-970b-f01ab440576a"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WP-CRM \u2013 Customer Relations Management for WordPress",
          "vendor": "Unknown",
          "versions": [
            {
              "lessThanOrEqual": "1.2.1",
              "status": "affected",
              "version": "1.2.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Ankur Bakre"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The WP-CRM WordPress plugin through 1.2.1 does not validate and sanitise fields when exporting people to a CSV file, leading to a CSV injection vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1236",
              "description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-13T12:41:41.000Z",
        "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "shortName": "WPScan"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wpscan.com/vulnerability/53c8190c-baef-4807-970b-f01ab440576a"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "WP-CRM \u003c= 1.2.1 - CSV Injection",
      "x_generator": "WPScan CVE Generator",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "contact@wpscan.com",
          "ID": "CVE-2022-1202",
          "STATE": "PUBLIC",
          "TITLE": "WP-CRM \u003c= 1.2.1 - CSV Injection"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WP-CRM \u2013 Customer Relations Management for WordPress",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "1.2.1",
                            "version_value": "1.2.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Unknown"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Ankur Bakre"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The WP-CRM WordPress plugin through 1.2.1 does not validate and sanitise fields when exporting people to a CSV file, leading to a CSV injection vulnerability."
            }
          ]
        },
        "generator": "WPScan CVE Generator",
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wpscan.com/vulnerability/53c8190c-baef-4807-970b-f01ab440576a",
              "refsource": "MISC",
              "url": "https://wpscan.com/vulnerability/53c8190c-baef-4807-970b-f01ab440576a"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
    "assignerShortName": "WPScan",
    "cveId": "CVE-2022-1202",
    "datePublished": "2022-06-13T12:41:41.000Z",
    "dateReserved": "2022-04-01T00:00:00.000Z",
    "dateUpdated": "2024-08-02T23:55:24.229Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-1194 (GCVE-0-2022-1194)

Vulnerability from cvelistv5 – Published: 2022-09-16 08:40 – Updated: 2024-08-02 23:55
VLAI
Title
Mobile Events Manager < 1.4.8 - Admin+ CSV Injection
Summary
The Mobile Events Manager WordPress plugin before 1.4.8 does not properly escape the Enquiry source field when exporting events, or the Paid for field when exporting transactions as CSV, leading to a CSV injection vulnerability.
Severity
No CVSS data available.
CWE
  • CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Assigner
References
Impacted products
Vendor Product Version
Unknown Mobile Events Manager Affected: 1.4.8 , < 1.4.8 (custom)
Create a notification for this product.
Credits
Varun thorat
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:55:24.226Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wpscan.com/vulnerability/62be0991-f095-43cf-a167-3daaed254594"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Mobile Events Manager",
          "vendor": "Unknown",
          "versions": [
            {
              "lessThan": "1.4.8",
              "status": "affected",
              "version": "1.4.8",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Varun thorat"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Mobile Events Manager WordPress plugin before 1.4.8 does not properly escape the Enquiry source field when exporting events, or the Paid for field when exporting transactions as CSV, leading to a CSV injection vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1236",
              "description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-16T08:40:25.000Z",
        "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "shortName": "WPScan"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wpscan.com/vulnerability/62be0991-f095-43cf-a167-3daaed254594"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Mobile Events Manager \u003c 1.4.8 - Admin+ CSV Injection",
      "x_generator": "WPScan CVE Generator",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "contact@wpscan.com",
          "ID": "CVE-2022-1194",
          "STATE": "PUBLIC",
          "TITLE": "Mobile Events Manager \u003c 1.4.8 - Admin+ CSV Injection"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Mobile Events Manager",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "1.4.8",
                            "version_value": "1.4.8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Unknown"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Varun thorat"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Mobile Events Manager WordPress plugin before 1.4.8 does not properly escape the Enquiry source field when exporting events, or the Paid for field when exporting transactions as CSV, leading to a CSV injection vulnerability."
            }
          ]
        },
        "generator": "WPScan CVE Generator",
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wpscan.com/vulnerability/62be0991-f095-43cf-a167-3daaed254594",
              "refsource": "MISC",
              "url": "https://wpscan.com/vulnerability/62be0991-f095-43cf-a167-3daaed254594"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
    "assignerShortName": "WPScan",
    "cveId": "CVE-2022-1194",
    "datePublished": "2022-09-16T08:40:25.000Z",
    "dateReserved": "2022-03-31T00:00:00.000Z",
    "dateUpdated": "2024-08-02T23:55:24.226Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-0142 (GCVE-0-2022-0142)

Vulnerability from cvelistv5 – Published: 2022-04-12 11:15 – Updated: 2024-08-02 23:18
VLAI
Title
Visual Form Builder < 3.0.6 - CSV Injection
Summary
The Visual Form Builder WordPress plugin before 3.0.8 is vulnerable to CSV injection allowing a user with low level or no privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.
Severity
No CVSS data available.
CWE
  • CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Assigner
References
Impacted products
Vendor Product Version
Unknown Visual Form Builder Affected: 3.0.8 , < 3.0.8 (custom)
Create a notification for this product.
Credits
Vishnupriya Ilango of Fortinet's FortiGuard Labs
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:18:41.999Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wpscan.com/vulnerability/03210390-2054-40c0-9508-39d168087878"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.fortiguard.com/zeroday/FG-VD-21-080"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Visual Form Builder",
          "vendor": "Unknown",
          "versions": [
            {
              "lessThan": "3.0.8",
              "status": "affected",
              "version": "3.0.8",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Vishnupriya Ilango of Fortinet\u0027s FortiGuard Labs"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Visual Form Builder WordPress plugin before 3.0.8 is vulnerable to CSV injection allowing a user with low level or no privileges to inject a command that will be included in the exported CSV file, leading to possible code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1236",
              "description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-13T12:41:27.000Z",
        "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "shortName": "WPScan"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wpscan.com/vulnerability/03210390-2054-40c0-9508-39d168087878"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.fortiguard.com/zeroday/FG-VD-21-080"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Visual Form Builder \u003c 3.0.6 - CSV Injection",
      "x_generator": "WPScan CVE Generator",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "contact@wpscan.com",
          "ID": "CVE-2022-0142",
          "STATE": "PUBLIC",
          "TITLE": "Visual Form Builder \u003c 3.0.6 - CSV Injection"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Visual Form Builder",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "3.0.8",
                            "version_value": "3.0.8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Unknown"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Vishnupriya Ilango of Fortinet\u0027s FortiGuard Labs"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Visual Form Builder WordPress plugin before 3.0.8 is vulnerable to CSV injection allowing a user with low level or no privileges to inject a command that will be included in the exported CSV file, leading to possible code execution."
            }
          ]
        },
        "generator": "WPScan CVE Generator",
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wpscan.com/vulnerability/03210390-2054-40c0-9508-39d168087878",
              "refsource": "MISC",
              "url": "https://wpscan.com/vulnerability/03210390-2054-40c0-9508-39d168087878"
            },
            {
              "name": "https://www.fortiguard.com/zeroday/FG-VD-21-080",
              "refsource": "MISC",
              "url": "https://www.fortiguard.com/zeroday/FG-VD-21-080"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
    "assignerShortName": "WPScan",
    "cveId": "CVE-2022-0142",
    "datePublished": "2022-04-12T11:15:23.000Z",
    "dateReserved": "2022-01-06T00:00:00.000Z",
    "dateUpdated": "2024-08-02T23:18:41.999Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Implementation

When generating CSV output, ensure that formula-sensitive metacharacters are effectively escaped or removed from all data before storage in the resultant CSV. Risky characters include '=' (equal), '+' (plus), '-' (minus), and '@' (at).

Mitigation
Implementation

If a field starts with a formula character, prepend it with a ' (single apostrophe), which prevents Excel from executing the formula.

Mitigation
Architecture and Design

Certain implementations of spreadsheet software might disallow formulas from executing if the file is untrusted, or if the file is not authored by the current user.

No CAPEC attack patterns related to this CWE.