VYPR

Ultimate SMS Notifications for WooCommerce

by WordPress

CVEs (1)

  • CVE-2022-2429MedSep 6, 2022
    risk 0.42cvss 6.5epss 0.01

    The Ultimate SMS Notifications for WooCommerce plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.1 via the 'Export Utility' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input…