Export and Import Users and Customers, CVE-2019-15092

CVE, Research URL: CVE-2019-15092
Home page URL: Security reports for Export and Import Users and Customers
Application: Export and Import Users and Customers
Published on: Aug 24, 2019
Research Description: The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the user_url, display_name, first_name, and last_name columns in an exported CSV file created by the WF_CustomerImpExpCsv_Exporter class.
Affected versions: Min -, max 1.3.2.
Status: vulnerable