CVE-2022-3393

CVE-2022-3393: Post to CSV by BestWebSoft <= 1.4.0 - Author+ CSV Injection

Vendor Unknown
Product Post to CSV by BestWebSoft
Weakness CWE-1236
Published October 25, 2022
Last update May 7, 2025

CVSS base score

What the vulnerability does

01Description

The Post to CSV by BestWebSoft WordPress plugin through 1.4.0 does not properly escape fields when exporting data as CSV, leading to a CSV injection

Key dates

02Disclosure timeline

October 25, 2022 CVE published
May 7, 2025 Record updated