CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

Auth. CSV Injection vulnerability in Export Users With Meta plugin <= 0.6.8 on WordPress.

 Verified

 Not fixed

**6.8**

CVSS 3.1 score Medium severity

Report  

Monitoring Not reported to be exploited

Software

Export Users With Meta

Vulnerable versions

<= 0.6.8

PSID 

0379cb7246df

Classification 

CSV Injection

OWASP Top 10 

A1: Injection

Required privilege 

Requires subscriber or higher role user authentication.

Publicly disclosed

2022-11-17

**Details**

Auth. CSV Injection vulnerability discovered by Mika (Patchstack Alliance) in the WordPress Export Users With Meta plugin (versions <= 0.6.8).

**Solution**

No patched version is available. This plugin has been closed as of November 14, 2022 and is not available for download. This closure is temporary, pending a full review.

**References**

Headline

CVE-2022-44577: WordPress Export Users With Meta plugin <= 0.6.8 - Auth. CSV Injection vulnerability - Patchstack

CVE: Latest News