CVE-2022-1194

UNKNOWN 0.0

Mobile Events Manager < 1.4.8 - Admin+ CSV Injection

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

The Mobile Events Manager WordPress plugin before 1.4.8 does not properly escape the Enquiry source field when exporting events, or the Paid for field when exporting transactions as CSV, leading to a CSV injection vulnerability.

CWE	CWE-1236
Vendor	unknown
Product	mobile events manager
Published	Sep 16, 2022
Last Updated	Aug 2, 2024

Stay Ahead of the Next One

Get instant alerts for unknown mobile events manager

Be the first to know when new unknown vulnerabilities affecting unknown mobile events manager are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Unknown / Mobile Events Manager

1.4.8 < 1.4.8

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wpscan.com: https://wpscan.com/vulnerability/62be0991-f095-43cf-a167-3daaed254594

Credits

Varun thorat