CVE Published: 02/05/2022 |
CVE Updated: 02/08/2024 |
CVE Year: 2022 Source: WPScan |
Vendor: Unknown |
Product: Import and export users and customers Status : PUBLISHED
CVE-2022-1255 Description
The Import and export users and customers WordPress plugin before 1.19.2.1 does not sanitise and escaped imported CSV data, which could allow high privilege users to import malicious javascript code and lead to Stored Cross-Site Scripting issues