CVE-2022-2798

The Affiliates Manager WordPress plugin before 2.9.14 does not validate and sanitise the affiliate data, which could allow users registering as affiliate to perform CSV injection attacks against an admin exporting the data
References
Configurations

Configuration 1

cpe:2.3:a:wpaffiliatemanager:affiliates_manager:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-09-16 09:15

Updated : 2022-09-20 02:28


NVD link : CVE-2022-2798

Mitre link : CVE-2022-2798

Products Affected
No products.
CWE
CWE-1236

Improper Neutralization of Formula Elements in a CSV File