CVE-2022-1800

CVE-2022-1800: Export any WordPress data to XML/CSV < 1.3.5 - Admin+ SQL Injection

Vendor Unknown
Product Export any WordPress data to XML/CSV
Weakness CWE-89 · SQLi
Published June 13, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The Export any WordPress data to XML/CSV WordPress plugin before 1.3.5 does not sanitize the cpt POST parameter when exporting post data before using it in a database query, leading to an SQL injection vulnerability.

Key dates

02Disclosure timeline

June 13, 2022 CVE published
August 3, 2024 Record updated