| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Narola Infotech Solutions LLP Export Users Data Distinct.This issue affects Export Users Data Distinct: from n/a through 1.3. |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Noptin Newsletter Simple Newsletter Plugin – Noptin.This issue affects Simple Newsletter Plugin – Noptin: from n/a through 1.9.5. |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee Product Reviews Import Export for WooCommerce.This issue affects Product Reviews Import Export for WooCommerce: from n/a through 1.4.8. |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Paul Ryley Site Reviews.This issue affects Site Reviews: from n/a through 6.2.0. |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Icegram Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce.This issue affects Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce: from n/a through 5.5.2. |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee WordPress Comments Import & Export.This issue affects WordPress Comments Import & Export: from n/a through 2.3.1. |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Scott Reilly Commenter Emails.This issue affects Commenter Emails: from n/a through 2.6.1. |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Lenderd 1003 Mortgage Application.This issue affects 1003 Mortgage Application: from n/a through 1.75. |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Pär Thernström Simple History – user activity log, audit tool.This issue affects Simple History – user activity log, audit tool: from n/a through 3.3.1. |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in anmari amr users.This issue affects amr users: from n/a through 4.59.4. |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Patrick Robrecht Posts and Users Stats.This issue affects Posts and Users Stats: from n/a through 1.1.3. |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Shambix Simple CSV/XLS Exporter.This issue affects Simple CSV/XLS Exporter: from n/a through 1.5.8. |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya Export Users Data CSV.This issue affects Export Users Data CSV: from n/a through 2.1. |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Nakashima Masahiro WP CSV Exporter.This issue affects WP CSV Exporter: from n/a through 2.0. |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Solwin Infotech User Blocker.This issue affects User Blocker: from n/a through 1.5.5. |
| Auth. (subscriber+) CSV Injection vulnerability in ProfileGrid plugin <= 5.1.6 on WordPress. |
| A write-what-where condition in p2r3 Bareiron commit 8e4d40 allows unauthenticated attackers to write arbitrary values to memory, enabling arbitrary code execution via a crafted packet. |
| llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address writing. This vulnerability is fixed in b3561. |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Denis V (Artprima) AP HoneyPot WordPress Plugin ap-honeypot allows Reflected XSS.This issue affects AP HoneyPot WordPress Plugin: from n/a through <= 1.4. |
| The AnWP Football Leagues plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 0.16.17 via the 'download_csv_players' and 'download_csv_games' functions. This makes it possible for authenticated attackers, with Administrator-level access and above, to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration. |
