CVEs-PoC/2022/CVE-2022-2798.md at b0e96c877abb080d7cf221c036336480ff266ccf

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 15:15:46 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

The Affiliates Manager WordPress plugin before 2.9.14 does not validate and sanitise the affiliate data, which could allow users registering as affiliate to perform CSV injection attacks against an admin exporting the data

POC

Reference

https://wpscan.com/vulnerability/f169567d-c682-4abe-94df-a9d00be90edd

Github

https://github.com/ARPSyndicate/cvemon

834 B Raw Blame History

CVE-2022-2798

Description

POC

Reference

Github

834 B

Raw Blame History