UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress, 55c172593544604071e103b6e01c42870b2ab4f4

CVE, Research URL: 55c172593544604071e103b6e01c42870b2ab4f4
Home page URL: Security reports for UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress
Application: UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress
Published on: Dec 23, 2022
Research Description: UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP [userswp] < 1.2.3.10 WordPress UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress Plugin <= 1.2.3.9 is vulnerable to CSV Injection Update the WordPress UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress plugin to the latest available version (at least 1.2.3.10). WordfenceTeam discovered and reported this CSV Injection vulnerability in WordPress UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress Plugin. This could allow a malicious actor to craft malicious formulas to then exploit vulnerabilities in the spreadsheet software or to execute commands to gain access to the victim';s PC. This vulnerability has been fixed in version 1.2.3.10.
Affected versions: max 1.2.3.10.
Status: vulnerable

UsersWP &#8211; Front-end login form, User Registration, User Profile &amp; Members Directory plugin for WordPress, 55c172593544604071e103b6e01c42870b2ab4f4