Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-1236 — Vulnerability Class 125

125 vulnerabilities classified as CWE-1236. AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-45810 WordPress Email Subscribers & Newsletters Plugin <= 5.5.2 is vulnerable to CSV Injection — Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce 8.0 -2023-11-07
CVE-2022-46821 WordPress Emails & Newsletters with Jackmail Plugin <= 1.2.22 is vulnerable to CSV Injection — Emails & Newsletters with Jackmail 7.6 -2023-11-07
CVE-2022-46804 WordPress Export Users Data Distinct Plugin <= 1.3 is vulnerable to CSV Injection — Export Users Data Distinct 7.8 -2023-11-07
CVE-2022-46803 WordPress Noptin Plugin <= 1.9.5 is vulnerable to CSV Injection — Simple Newsletter Plugin – Noptin 8.8 -2023-11-07
CVE-2022-46809 WordPress ReviewX Plugin <= 1.6.7 is vulnerable to CSV Injection — ReviewX – Multi-criteria Rating & Reviews for WooCommerce 8.8 -2023-11-07
CVE-2022-46801 WordPress Site Reviews Plugin <= 6.2.0 is vulnerable to CSV Injection — Site Reviews 7.6 -2023-11-07
CVE-2022-46802 WordPress Product Reviews Import Export for WooCommerce Plugin <= 1.4.8 is vulnerable to CSV Injection — Product Reviews Import Export for WooCommerce 8.0 -2023-11-07
CVE-2023-36527 WordPress Post to CSV by BestWebSoft Plugin <= 1.4.0 is vulnerable to CSV Injection — Post to CSV by BestWebSoft 7.8 -2023-11-07
CVE-2023-23796 WordPress Form Builder Plugin <= 1.9.9.0 is vulnerable to CSV Injection — Form Builder | Create Responsive Contact Forms 8.1 -2023-11-07
CVE-2023-23678 WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent Plugin <= 2.2.5 is vulnerable to CSV Injection — WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) 8.1 -2023-11-07
CVE-2022-45357 WordPress 1003 Mortgage Application Plugin <= 1.75 is vulnerable to CSV Injection — 1003 Mortgage Application 8.8 -2023-11-07
CVE-2023-22719 WordPress GiveWP Plugin <= 2.25.1 is vulnerable to CSV Injection — GiveWP 8.8 -2023-11-07
CVE-2023-25983 WordPress KB Support Plugin <= 1.5.84 is vulnerable to CSV Injection — KB Support 7.1 -2023-11-07
CVE-2022-47442 WordPress UsersWP Plugin <= 1.2.3.9 is vulnerable to CSV Injection — UsersWP 8.0 -2023-11-07
CVE-2022-45350 WordPress Simple History Plugin <= 3.3.1 is vulnerable to CSV Injection — Simple History – user activity log, audit tool 7.1 -2023-11-07
CVE-2023-43071 Dell SmartFabric Storage Software 安全漏洞 — Dell SmartFabric Storage Software 4.4 Medium2023-10-05
CVE-2023-22877 IBM InfoSphere Information Server CSV injection — InfoSphere Information Server 7.0 High2023-08-28
CVE-2023-4006 Improper Neutralization of Formula Elements in a CSV File in thorsten/phpmyfaq — thorsten/phpmyfaq 8.8 -2023-07-31
CVE-2023-37219 Tadiran Telecom Composit - CWE-1236: Improper Neutralization of Formula Elements in a CSV File — Telecom Composit 7.3 High2023-07-30
CVE-2023-3527 Avaya Call Management System CSV injection vulnerability — Avaya Call Management System 6.8 Medium2023-07-18
CVE-2023-28958 IBM Watson Knowledge Catalog CSV injection — Watson Knowledge Catalog on Cloud Pak for Data 7.0 High2023-07-10
CVE-2023-3493 Improper Neutralization of Formula Elements in a CSV File in fossbilling/fossbilling — fossbilling/fossbilling 8.0 -2023-06-30
CVE-2023-3302 Improper Neutralization of Formula Elements in a CSV File in admidio/admidio — admidio/admidio 8.0 -2023-06-23
CVE-2023-0721 Metform Elementor Contact Form Builder <= 3.3.0 - Unauthenticated CSV Injection — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor 8.3 High2023-06-09
CVE-2023-2629 Improper Neutralization of Formula Elements in a CSV File in pimcore/customer-data-framework — pimcore/customer-data-framework 8.0 -2023-05-10
CVE-2023-2258 Improper Neutralization of Formula Elements in a CSV File in alfio-event/alf.io — alfio-event/alf.io 7.3 -2023-04-24
CVE-2023-29109 Code Injection vulnerability in SAP Application Interface Framework (Message Dashboard) — Application Interface Framework (Message Dashboard) 4.4 Medium2023-04-11
CVE-2023-25611 Fortinet FortiAnalyzer 安全漏洞 — FortiAnalyzer 4.0 Medium2023-03-07
CVE-2022-35281 IBM Maximo Application Suite command injection — Maximo Asset Management 5.5 Medium2023-01-06
CVE-2022-4034 Appointment Hour Booking <= 1.3.72 - CSV Injection — Appointment Hour Booking – Booking Calendar 5.8 Medium2022-11-29

Vulnerabilities classified as CWE-1236 represent 125 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.