ReportizFlow
Filtered by vendor
Subscriptions
Total
285 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-54348 | 1 Rajodiya | 1 Erpgo Saas | 2026-05-06 | 8.8 High |
| ERPGo SaaS 3.9 contains a CSV injection vulnerability that allows authenticated attackers to execute arbitrary code by injecting formula payloads into vendor name fields. Attackers can add malicious formulas like =10+20+cmd|' /C calc'!A0 in the vendor creation form, which execute when the exported CSV file is opened in spreadsheet applications. | ||||
| CVE-2026-27644 | 1 Traccar | 1 Traccar | 2026-05-05 | 6.5 Medium |
| Traccar is an open source GPS tracking system. In versions between 6.11.1 and 6.13.0, the CSV export functionality writes position data, including user-controlled device and computed attributes, to CSV output without proper escaping. An attacker can inject spreadsheet formulas through exported fields. When a manager or administrator opens the exported CSV file in spreadsheet software, this can cause formula execution and lead to command execution or data exfiltration. This has been patched in version 6.13.0. | ||||
| CVE-2023-25983 | 2 Kbsupport, Logon | 2 Kb Support, Kb Support | 2026-04-29 | 8.8 High |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in WPOmnia KB Support.This issue affects KB Support: from n/a through 1.5.84. | ||||
| CVE-2023-41798 | 1 Wpwax | 1 Directorist | 2026-04-28 | 5.1 Medium |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in wpWax Directorist – WordPress Business Directory Plugin with Classified Ads Listing.This issue affects Directorist – WordPress Business Directory Plugin with Classified Ads Listings: from n/a through 7.7.1. | ||||
| CVE-2023-36527 | 1 Bestwebsoft | 1 Post To Csv | 2026-04-28 | 4.7 Medium |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in BestWebSoft Post to CSV by BestWebSoft.This issue affects Post to CSV by BestWebSoft: from n/a through 1.4.0. | ||||
| CVE-2023-23796 | 1 Web-settler | 1 Form Builder | 2026-04-28 | 4.7 Medium |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Muneeb Form Builder | Create Responsive Contact Forms.This issue affects Form Builder | Create Responsive Contact Forms: from n/a through 1.9.9.0. | ||||
| CVE-2023-23678 | 1 Wpeka | 1 Wp Cookie Consent | 2026-04-28 | 4 Medium |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in WPEkaClub WP Cookie Consent ( for GDPR, CCPA & ePrivacy ).This issue affects WP Cookie Consent ( for GDPR, CCPA & ePrivacy ): from n/a through 2.2.5. | ||||
| CVE-2023-22719 | 1 Givewp | 1 Givewp | 2026-04-28 | 4.7 Medium |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in GiveWP.This issue affects GiveWP: from n/a through 2.25.1. | ||||
| CVE-2022-47442 | 1 Ayecode | 1 Userswp | 2026-04-28 | 5.8 Medium |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in AyeCode Ltd UsersWP.This issue affects UsersWP: from n/a through 1.2.3.9. | ||||
| CVE-2022-46821 | 1 Jackmail | 1 Jackmail | 2026-04-28 | 5.8 Medium |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Jackmail & Sarbacane Emails & Newsletters with Jackmail.This issue affects Emails & Newsletters with Jackmail: from n/a through 1.2.22. | ||||
| CVE-2022-46809 | 1 Wpdeveloper | 1 Reviewx | 2026-04-28 | 6.1 Medium |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in WPDeveloper ReviewX – Multi-criteria Rating & Reviews for WooCommerce.This issue affects ReviewX – Multi-criteria Rating & Reviews for WooCommerce: from n/a through 1.6.7. | ||||
| CVE-2022-46804 | 1 Narolainfotech | 1 Export Users Data Distinct | 2026-04-28 | 5.8 Medium |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Narola Infotech Solutions LLP Export Users Data Distinct.This issue affects Export Users Data Distinct: from n/a through 1.3. | ||||
| CVE-2022-46803 | 1 Noptin | 1 Noptin | 2026-04-28 | 6.1 Medium |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Noptin Newsletter Simple Newsletter Plugin – Noptin.This issue affects Simple Newsletter Plugin – Noptin: from n/a through 1.9.5. | ||||
| CVE-2022-46802 | 1 Webtoffee | 1 Product Reviews Import Export For Woocommerce | 2026-04-28 | 6.1 Medium |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee Product Reviews Import Export for WooCommerce.This issue affects Product Reviews Import Export for WooCommerce: from n/a through 1.4.8. | ||||
| CVE-2022-46801 | 1 Geminilabs | 1 Site Reviews | 2026-04-28 | 6.1 Medium |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Paul Ryley Site Reviews.This issue affects Site Reviews: from n/a through 6.2.0. | ||||
| CVE-2022-45810 | 1 Icegram | 1 Icegram Express | 2026-04-28 | 6.1 Medium |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Icegram Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce.This issue affects Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce: from n/a through 5.5.2. | ||||
| CVE-2022-45370 | 1 Webtoffee | 1 Wordpress Comments Import And Export | 2026-04-28 | 6.1 Medium |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee WordPress Comments Import & Export.This issue affects WordPress Comments Import & Export: from n/a through 2.3.1. | ||||
| CVE-2022-45360 | 1 Coffee2code | 1 Commenter Emails | 2026-04-28 | 4.7 Medium |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Scott Reilly Commenter Emails.This issue affects Commenter Emails: from n/a through 2.6.1. | ||||
| CVE-2022-45357 | 1 Lenderd | 1 1003 Mortgage Application | 2026-04-28 | 6.1 Medium |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Lenderd 1003 Mortgage Application.This issue affects 1003 Mortgage Application: from n/a through 1.75. | ||||
| CVE-2022-45350 | 1 Simple-history | 1 Simple History | 2026-04-28 | 3 Low |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Pär Thernström Simple History – user activity log, audit tool.This issue affects Simple History – user activity log, audit tool: from n/a through 3.3.1. | ||||