CVE-2019-20180: TablePress 1.9.2 CSV Injection (0xPablito, Medium)
The TablePress plugin 1.9.2 for WordPress allows tablepress[data] CSV injection by Editor users.
CSV Injection, also known as Formula Injection, occurs when a website embeds untrusted input in a CSV file it generates. When a spreadsheet program such as Microsoft Excel or LibreOffice Calc opens that CSV, any cell starting with '=' (and, depending on the application, '+', '-' or '@') is interpreted as a formula rather than displayed as text, so attacker-supplied content is evaluated on the machine of whoever opens the file.
👨🏼💻Discovered by Pablo Santiago.
📝Published 02/01/2020.
💉CVE-2019–20180
🔗Vulnerable Version Download
📄Vulnerable version ≤ 1.9.2
✅Solution: Update to version 1.10
Mitigation: CSV Injection
Ensure that no cells begin with any of the following characters:
- Equals (“=”)
- Plus (“+”)
- Minus (“-”)
- At (“@”)
For complete coverage also treat a leading tab (0x09) or carriage return (0x0D) as a trigger, since either can end the cell early. Cells that do start with one of these characters should be written out as text (the usual approach is to prefix them with a single quote and quote the field) rather than silently dropped, so that legitimate values such as negative numbers survive the export.
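As an added example (not part of the original post and not TablePress's own code), the following Python applies the mitigation above to a CSV export: a vulnerable export that writes cells verbatim sits next to a hardened one that neutralises formula-like cells, with an audit helper for checking an existing file. The sample table, the function names and the assumption that an Editor-level user controls the "Note" column are constructed for illustration; plain signed decimals are exempted from neutralisation so that negative quantities are not mangled.

```python
import csv
import io
import re

# Leading characters that Excel and LibreOffice Calc treat as the start of a
# formula or external reference (the four from the mitigation list above),
# plus tab and carriage return, which can terminate the cell early.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")

# Plain signed decimals such as "-5" or "+3.25" are data, not formulas;
# exempting them avoids mangling legitimate negative numbers.
_PLAIN_NUMBER = re.compile(r"^[+-]?\d+(\.\d+)?$")


def is_formula_like(cell: str) -> bool:
    """True if a spreadsheet would evaluate this cell rather than display it."""
    if _PLAIN_NUMBER.match(cell):
        return False
    return cell.startswith(FORMULA_TRIGGERS)


def neutralise_cell(cell: str) -> str:
    """Prefix a formula-like cell with an apostrophe so it is stored as text.

    csv.writer additionally quotes the field and doubles any embedded quotes
    when needed, which is the other half of the usual recommendation.
    """
    return "'" + cell if is_formula_like(cell) else cell


def find_formula_cells(rows):
    """Audit helper: (row_index, col_index) of every cell that a spreadsheet
    would interpret as a formula. Useful for checking an existing export."""
    return [
        (r, c)
        for r, row in enumerate(rows)
        for c, cell in enumerate(row)
        if is_formula_like(cell)
    ]


def export_rows_unsafe(rows) -> str:
    """The vulnerable pattern: user-controlled cells written to CSV verbatim."""
    buf = io.StringIO()
    csv.writer(buf, lineterminator="\n").writerows(rows)
    return buf.getvalue()


def export_rows_safe(rows) -> str:
    """Hardened export: every cell passes through neutralise_cell first."""
    buf = io.StringIO()
    writer = csv.writer(buf, lineterminator="\n")
    writer.writerows([[neutralise_cell(cell) for cell in row] for row in rows])
    return buf.getvalue()


# Constructed sample table (assumption): an Editor-level user controls "Note".
SAMPLE_ROWS = [
    ["Item", "Qty", "Note"],
    ["Widget", "-5", "restock"],
    ["Gadget", "3", '=HYPERLINK("http://example.invalid","open")'],
    ["Gizmo", "2", "@remind me"],
]

if __name__ == "__main__":
    print("cells a spreadsheet would evaluate:", find_formula_cells(SAMPLE_ROWS))
    print("--- unsafe export ---")
    print(export_rows_unsafe(SAMPLE_ROWS))
    print("--- hardened export ---")
    print(export_rows_safe(SAMPLE_ROWS))
```

In the hardened output the HYPERLINK cell becomes `"'=HYPERLINK(""http://example.invalid"",""open"")"`, which a spreadsheet shows as text, while the quantity `-5` is left untouched. The apostrophe may remain visible in some applications; that is the accepted trade-off for not evaluating the cell.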
Attack Vector / Criticality: Medium
Through a CSV injection vulnerability a malicious user can make another user execute code on that user's machine when the exported file is opened in a spreadsheet application; for example, this can be used to spread malware. The injecting user needs an Editor account and a victim has to open the file, which is why the severity is rated Medium.
CVSS v3 vector: AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N (PR:H and UI:R reflect the Editor privilege and the victim interaction described above).
Parameters / Vulnerable Resources
The vulnerable parameter is tablepress[data], as shown in the screenshot in the original post.
PoC
The proof of concept is a screenshot in the original post and is not reproduced in this extract; the injection point is the tablepress[data] parameter above.