WordPress Plugin Vulnerabilities

Export customers list CSV for WooCommerce < 2.0.69 - CSV Injection

Description

The plugin does not validate data when outputting it back in a CSV file, which could lead to CSV injection.

Proof of Concept

- Place a WooCommerce order using "=5+5" as first_name.
- Export the data as CSV.
- Open the CSV with a spreadsheet application (Excel, Libre Office).
- The CSV formula gets executed.

Affects Plugins

export-woocommerce-customer-list

Fixed in version 2.0.69

References

CVE

CVE-2022-3603

Classification

Type

CSV INJECTION

OWASP top 10

A1: Injection

CWE

CWE-1236

Miscellaneous

Original Researcher

Francesco Carlucci

Submitter

Francesco Carlucci

Submitter website

https://carluc.ci

Submitter twitter

francecarlucci

Verified

Yes

WPVDB ID

376e2bc7-2eb9-4e0a-809c-1582940ebdc7

Timeline

Publicly Published

2022-11-09 (about 4 months ago)

Added

2022-11-03 (about 4 months ago)

Last Updated

2022-11-09 (about 4 months ago)

Our Other Services

WPScan WordPress Security Plugin