WordPress Plugin Vulnerabilities

1003 Mortgage Application < 1.80 - Improper Neutralization of Formula Elements in a CSV File

Description

Improper Neutralization of Formula Elements in a CSV File vulnerability in Lenderd 1003 Mortgage Application.This issue affects 1003 Mortgage Application: from n/a through 1.75.

Affects Plugins

Plugin icon
1003-mortgage-application
Fixed in 1.80

References

CVE
CVE-2022-45357

Classification

Type
CSV INJECTION
OWASP top 10
A1: Injection
CWE
CWE-1236

Miscellaneous

Original Researcher
Rodrigo Escobar - ipax
Verified
No
WPVDB ID
bf9743e2-6008-485a-904e-aaaa8bf95c02

Timeline

Publicly Published
2023-11-07 (about 2 years ago)
Added
2023-11-07 (about 2 years ago)
Last Updated
2023-11-07 (about 2 years ago)

Other

Published
Title
Published
2023-02-02
Title
Simple History < 3.4.0 - Improper Neutralization of Formula Elements in a CSV File
Published
2022-10-03
Title
Post to CSV by BestWebSoft < 1.4.1 - Author+ CSV Injection
Published
2023-11-07
Title
Export Users Data CSV < 2.2 - Improper Neutralization of Formula Elements in a CSV File
Published
2021-11-03
Title
Visual Form Builder < 3.0.6 - CSV Injection
Published
2022-11-17
Title
Export Users With Meta <= 0.6.10 - Subscriber+ CSV Injection