CyberSec.Space Logo
Back to CVE Browser

CVE-2020-22277

HIGH
8.0
CVSS Severity Score
EPSS Score0.0410%
EPSS Percentile16.58th
PublishedNov 4, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

Import and export users and customers WordPress Plugin through 1.15.5.11 allows CSV injection via a customer's profile.

Affected Platforms (CPE)

πŸ“¦
Codection

Import And Export Users And Customers

<= 1.15.5.11

References & Advisories

πŸ”— https://cert.ikiu.ac.ir/public-files/news/document/CVE-99/CVE-2020-22277.pdf
πŸ”— https://mega.nz/file/bSQnlS4R#UY_ozLkvXgXFKzqtTRKeB9RXGi6aEQF3X6eKXdSiBt0
πŸ”— https://wordpress.org/plugins/import-users-from-csv-with-meta/#:~:text=Install%20Import%20and%20export%20users%20and%20customers%20automatically%2Cis%20uploaded%20and%20extracted%2C%20click%20Activate%20Plugin%20.
πŸ”— https://cert.ikiu.ac.ir/public-files/news/document/CVE-99/CVE-2020-22277.pdf
πŸ”— https://mega.nz/file/bSQnlS4R#UY_ozLkvXgXFKzqtTRKeB9RXGi6aEQF3X6eKXdSiBt0
πŸ”— https://wordpress.org/plugins/import-users-from-csv-with-meta/#:~:text=Install%20Import%20and%20export%20users%20and%20customers%20automatically%2Cis%20uploaded%20and%20extracted%2C%20click%20Activate%20Plugin%20.

Related Vulnerabilities

CVE-2020-120748.8

The users-customers-import-export-for-wp-woocommerce plugin before 1.3.9 for WordPress allows subscribers to import administrative...

CVE-2019-150927.3

The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the user_...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...