Vulnerabilities > CVE-2022-41791 - Improper Neutralization of Formula Elements in a CSV File vulnerability in Metagauss Profilegrid
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Auth. (subscriber+) CSV Injection vulnerability in ProfileGrid plugin <= 5.1.6 on WordPress.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://patchstack.com/database/vulnerability/profilegrid-user-profiles-groups-and-communities/wordpress-profilegrid-plugin-5-1-6-csv-injection-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/profilegrid-user-profiles-groups-and-communities/wordpress-profilegrid-plugin-5-1-6-csv-injection-vulnerability?_s_id=cve