Vulnerabilities > CVE-2020-36503 - Improper Neutralization of Formula Elements in a CSV File vulnerability in Connections-Pro Connections Business Directory
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The Connections Business Directory WordPress plugin before 9.7 does not validate or sanitise some connections' fields, which could lead to a CSV injection issue