Vulnerabilities > CVE-2022-1202 - Unspecified vulnerability in Usabilitydynamics Wp-Crm 1.2.1

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
usabilitydynamics

Summary

The WP-CRM WordPress plugin through 1.2.1 does not validate and sanitise fields when exporting people to a CSV file, leading to a CSV injection vulnerability.

Vulnerable Configurations

Part Description Count
Application
Usabilitydynamics
2