CWE-1236
Improper Neutralization of Formula Elements in a CSV File
Description
The product saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by a spreadsheet product.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (117)
Page 2 of 6

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-11526 | | High | 0.54 | 7.8 | 0.05 | | Jun 19, 2018 | The plugin "WordPress Comments Import & Export" for WordPress (v2.0.4 and before) is vulnerable to CSV Injection. |
| CVE-2018-10504 | | High | 0.54 | 7.8 | 0.05 | | Apr 27, 2018 | The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress allows CSV injection. |
| CVE-2018-16275 | | High | 0.51 | 7.8 | 0.01 | | Aug 31, 2018 | OPSWAT MetaDefender before v4.11.2 allows CSV injection. |
| CVE-2022-41616 | | High | 0.49 | 7.6 | 0.01 | | Nov 7, 2023 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya Export Users Data CSV. This issue affects Export Users Data CSV: from n/a through 2.1. |
| CVE-2018-16651 | | High | 0.47 | 7.2 | 0.01 | | Sep 7, 2018 | The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in reports. |
| CVE-2018-11525 | | High | 0.47 | 7.8 | 0.05 | | Jun 19, 2018 | The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is vulnerable to CSV Injection. |
| CVE-2018-9137 | | Medium | 0.47 | 6.8 | 0.03 | | Apr 19, 2018 | Open-AudIT before 2.2 has CSV Injection. |
| CVE-2025-52612 | | High | 0.46 | 7.1 | 0.00 | | Jun 4, 2026 | HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters. |
| CVE-2025-58855 | | High | 0.46 | 7.1 | 0.00 | | Sep 5, 2025 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Denis V (Artprima) AP HoneyPot WordPress Plugin ap-honeypot allows Reflected XSS. This issue affects AP HoneyPot WordPress Plugin: from n/a through <= 1.4. |
| CVE-2022-41791 | | Medium | 0.44 | 6.8 | 0.01 | | Nov 17, 2022 | Auth. (subscriber+) CSV Injection vulnerability in ProfileGrid plugin <= 5.1.6 on WordPress. |
| CVE-2025-13133 | | Medium | 0.43 | 6.6 | 0.00 | | Nov 18, 2025 | The Simple User Import Export plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.1.7 via the 'Import/export users' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to embed untrusted… |
| CVE-2026-24447 | | Medium | 0.42 | 6.5 | 0.00 | | Feb 4, 2026 | If malformed data is input to the affected product, a CSV file downloaded from the affected product may contain such malformed data. When a victim user downloads and opens such a CSV file, the embedded code may be executed in the user's environment. Note that Movable Type 7… |
| CVE-2025-60852 | | Medium | 0.42 | 6.5 | 0.00 | | Oct 23, 2025 | A CSV Injection vulnerability existed in Instant Developer Foundation versions prior to 25.0.9600. Applications built with affected versions of the framework did not properly sanitize user-controlled input before including it in CSV exports. This issue could lead to code… |
| CVE-2022-3026 | | Medium | 0.42 | 6.5 | 0.01 | | Sep 6, 2022 | The WP Users Exporter plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.2 via the 'Export Users' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input into profile information like… |
| CVE-2025-12249 | | Medium | 0.41 | 6.3 | 0.00 | | Oct 27, 2025 | A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. The impacted element is an unknown function of the component Edit Ticket Page. Performing manipulation of the argument Title results in csv injection. It is possible to initiate the attack remotely. The… |
| CVE-2025-9241 | | Medium | 0.41 | 6.3 | 0.00 | | Aug 20, 2025 | A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation causes csv injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. |
| CVE-2023-5527 | | High | 0.41 | 7.4 | 0.00 | | Jun 18, 2024 | The Business Directory Plugin plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 6.4.3 via the class-csv-exporter.php file. This allows authenticated attackers, with author-level permissions and above, to embed untrusted input into CSV files… |
| CVE-2025-11498 | | Medium | 0.40 | 6.1 | 0.00 | | Oct 14, 2025 | An Improper Neutralization of Formula Elements in a CSV File vulnerability exists in System Diagnostics Manager (SDM) of B&R Automation Runtime versions before 6.4 enabling a remote attacker to inject formula data into a generated CSV file. The exploitation of this vulnerability… |
| CVE-2022-46809 | | Medium | 0.40 | 6.1 | 0.01 | | Nov 7, 2023 | Improper Neutralization of Formula Elements in a CSV File vulnerability in WPDeveloper ReviewX – Multi-criteria Rating & Reviews for WooCommerce. This issue affects ReviewX – Multi-criteria Rating & Reviews for WooCommerce: from n/a through 1.6.7. |
| CVE-2022-46803 | | Medium | 0.40 | 6.1 | 0.01 | | Nov 7, 2023 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Noptin Newsletter Simple Newsletter Plugin – Noptin. This issue affects Simple Newsletter Plugin – Noptin: from n/a through 1.9.5. |