Lucene search

PatchstackVULNRICHMENT:CVE-2022-46801

HistoryNov 07, 2023 - 4:11 p.m.

CVE-2022-46801 WordPress Site Reviews Plugin <= 6.2.0 is vulnerable to CSV Injection

2023-11-0716:11:31

CWE-1236

Patchstack

github.com

wordpress

site reviews plugin

csv injection

vulnerability

AI Score

7.2

Confidence

High

SSVC

Exploitation

none

Automatable

yes

Technical Impact

total

JSON

Improper Neutralization of Formula Elements in a CSV File vulnerability in Paul Ryley Site Reviews.This issue affects Site Reviews: from n/a through 6.2.0.

References

patchstack.com/database/vulnerability/site-reviews/wordpress-site-reviews-plugin-6-2-0-unauth-csv-injection-vulnerability?_s_id=cve