CVE-2022-41616

HIGH

Kaushik Kalathiya Export Users Data CSV - Info Disclosure

Title source: llm

Description

Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya Export Users Data CSV.This issue affects Export Users Data CSV: from n/a through 2.1.

References (2)

[Vdb Entry] https://patchstack.com/database/Wordpress/Plugin/export-users-data-csv/vulnerability/wordpress-export-users-data-csv-plugin-2-1-auth-csv-injection-vulnerability?_s_id=cve

[Third Party Advisory] https://patchstack.com/database/vulnerability/export-users-data-csv/wordpress-export-users-data-csv-plugin-2-1-auth-csv-injection-vulnerability?_s_id=cve

Scores

CVSS v3 7.6

EPSS 0.0049

EPSS Percentile 65.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-1236

Status published

Products (3)

Kaushik/Export Users Data CSV < 2.1

Kaushik Kalathiya/Export Users Data CSV < 2.1

kaushikkalathiya/export_users_data < 2.1

Published Nov 07, 2023

Tracked Since Feb 18, 2026