Vulnerabilities > Codection > Import AND Export Users AND Customers > High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-11	CVE-2023-6583	Path Traversal vulnerability in Codection Import and Export Users and Customers The Import and export users and customers plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.24.2 via the Recurring Import functionality. network low complexity codection CWE-22	7.2
2022-11-07	CVE-2022-3558	Improper Neutralization of Formula Elements in a CSV File vulnerability in Codection Import and Export Users and Customers The Import and export users and customers WordPress plugin before 1.20.5 does not properly escape data when exporting it via CSV files. network low complexity codection CWE-1236	8.0
2020-11-04	CVE-2020-22277	Improper Neutralization of Formula Elements in a CSV File vulnerability in Codection Import and Export Users and Customers Import and export users and customers WordPress Plugin through 1.15.5.11 allows CSV injection via a customer's profile. network low complexity codection CWE-1236	8.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.