[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzLS2EWMorfN9NhzPB2NHZHKx7eZzlvVTr5YZOpfNtpI":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2022-38061","export-post-info-authenticated-author-csv-injection","Export Post Info \u003C= 1.2.0 - Authenticated (Author+) CSV Injection","The Export Post Info plugin for WordPress is vulnerable to CSV Injection. This allows authenticated users with author permissions or higher, to inject commands that the plugin will include when generating a CSV file for export. If a victim opens the malicious CSV file on a vulnerable platform these commands could be executed on their local machine.","export-post-info",null,"\u003C=1.2.0","1.2.1","medium",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')","2022-09-22 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe033dd4a-bc82-403a-82aa-cd8516290f4a?source=api-prod",488]