CVE-2022-2798

UNKNOWN 0.0

Affiliates Manager < 2.9.14 - Affiliate CSV Injection

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

The Affiliates Manager WordPress plugin before 2.9.14 does not validate and sanitise the affiliate data, which could allow users registering as affiliate to perform CSV injection attacks against an admin exporting the data

CWE	CWE-1236
Vendor	unknown
Product	affiliates manager
Published	Sep 16, 2022
Last Updated	Aug 3, 2024

Stay Ahead of the Next One

Get instant alerts for unknown affiliates manager

Be the first to know when new unknown vulnerabilities affecting unknown affiliates manager are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Unknown / Affiliates Manager

2.9.14 < 2.9.14

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wpscan.com: https://wpscan.com/vulnerability/f169567d-c682-4abe-94df-a9d00be90edd

Credits

nhatnam