Security Advisory

CVE-2022-2798

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-09-16 08:40:34

Last updated 2024-08-03 00:46:04

Assigner WPScan

State PUBLISHED

Description

The Affiliates Manager WordPress plugin before 2.9.14 does not validate and sanitise the affiliate data, which could allow users registering as affiliate to perform CSV injection attacks against an admin exporting the data

← Browse all CVEs View on cve.org ↗