cleantalk
Vulnerabilities and Security Researches

TablePress – Tables in WordPress made easy, CVE-2019-20180

CVE, Research URL

CVE-2019-20180

Home page URL

Security reports for TablePress – Tables in WordPress made easy

Application

TablePress – Tables in WordPress made easy

Published on
Jan 10, 2020
Research Description
The TablePress plugin 1.9.2 for WordPress allows tablepress[data] CSV injection by Editor users. Note: The vendor disputes this issue and argues that this responsibility lies with the application that opens the CSV file and not TablePress.
Affected versions
Min -, max 2.0.
Status
vulnerable
Previous vulnerability researches
TablePress – Tables in WordPress made easy (CVE-2024-9595) , Oct 12, 2024
TablePress – Tables in WordPress made easy (CVE-2024-4354) , Jun 08, 2024
TablePress – Tables in WordPress made easy (CVE-2017-10889) , Jun 06, 2024
TablePress – Tables in WordPress made easy (CVE-2019-20180) , Jun 06, 2024
TablePress – Tables in WordPress made easy , Feb 17, 2025
New vulnerability
Xavin's List Subpages (CVE-2025-4220) , May 08, 2025
CarDealerPress (CVE-2025-3860) , May 08, 2025
Crossword Compiler Puzzles (CVE-2025-46493) , May 08, 2025
Frontend Dashboard (CVE-2025-4104) , May 08, 2025
Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce (CVE-2025-0671) , May 08, 2025