Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2798

Sept. 16, 2022, 9:15 a.m. |

National Vulnerability Database nist.gov

The Affiliates Manager WordPress plugin before 2.9.14 does not validate and sanitise the affiliate data, which could allow users registering as affiliate to perform CSV injection attacks against an admin exporting the data

cve

Chief Information Security Officer

@ Los Angeles Unified School District | Los Angeles

Cybersecurity Engineer

@ Apercen Partners LLC | Folsom, CA

IDM Sr. Security Developer

@ The Ohio State University | Columbus, OH, United States

IT Security Engineer

@ Stylitics | New York City

Information Security Engineer

@ VDA Labs | Remote

Information Security Analyst

@ Metropolitan Transportation Commission | San Francisco, CA

Director of Threat Intelligence

@ McDonald's Corporation | Chicago, IL, United States

Senior Principal Security Engineer - EMEA, Remote

@ GoDaddy | EMEA

Network Security Engineer (Starlink)

@ SpaceX | Redmond, WA, United States

Staff, Cloud Security Engineer

@ Twilio | Remote - US

Senior DevSecOps Engineer

@ Ginger | Remote - United States

Sr Professional Consultant I (Top Secret Clearance)

@ Palo Alto Networks | Las Vegas, NV, United States