Vulnerability Details CVE-2020-22277
Import and export users and customers WordPress Plugin through 1.15.5.11 allows CSV injection via a customer's profile.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.0%
CVSS Severity
CVSS v3 Score 8.0
CVSS v2 Score 6.0
References
- https://cert.ikiu.ac.ir/public-files/news/document/CVE-99/CVE-2020-22277.pdf
- https://mega.nz/file/bSQnlS4R#UY_ozLkvXgXFKzqtTRKeB9RXGi6aEQF3X6eKXdSiBt0
- https://wordpress.org/plugins/import-users-from-csv-with-meta/#:~:text=Install%20Import%20and%20export%20users%20and%20customers%20automatically%2Cis%20uploaded%20and%20extracted%2C%20click%20Activate%20Plugin%20.
- https://cert.ikiu.ac.ir/public-files/news/document/CVE-99/CVE-2020-22277.pdf
- https://mega.nz/file/bSQnlS4R#UY_ozLkvXgXFKzqtTRKeB9RXGi6aEQF3X6eKXdSiBt0
- https://wordpress.org/plugins/import-users-from-csv-with-meta/#:~:text=Install%20Import%20and%20export%20users%20and%20customers%20automatically%2Cis%20uploaded%20and%20extracted%2C%20click%20Activate%20Plugin%20.
Products affected by CVE-2020-22277
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.0.1
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.0.3
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.0.4
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.0.5
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.0.6
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.0.7
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.0.8
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.0.8.1
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.0.9
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.1
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.1.1
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.1.2
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.1.3
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.2
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.2.1
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.2.10
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.2.11
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.2.12
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.2.2
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.2.3
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.2.4
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.2.5
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.2.6
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.2.7
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.2.8
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.2.9
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.3
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.3.1
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.3.10
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.3.2
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.3.3
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.3.4
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.3.5
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.3.6
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.3.7
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.3.8
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.14.3.9
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.0.1
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.1
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.1.1
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.2
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.2.1
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.2.2
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.2.3
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.3
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.3.1
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.3.2
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.3.3
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.3.4
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.3.5
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.3.6
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.4
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.4.1
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.4.2
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.4.3
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.4.4
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.5
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.5.1
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.5.10
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.5.11
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.5.2
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.5.3
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.5.4
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.5.5
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.5.6
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.5.7
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.5.8
-
cpe:2.3:a:codection:import_and_export_users_and_customers:1.15.5.9