| |
Vulnerability CVE-2022-2240
Published: 2022-07-25
Description: |
The Request a Quote WordPress plugin through 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection once an admin download and open it |
Type:
CWE-1236
References: |
https://wpscan.com/vulnerability/6a3a573e-f9f2-45ec-9156-332cc551fc7e
|
|
|
Copyright 2024, cxsecurity.com
|
|
|