CVE-2023-5424 : The WS Form LITE plugin for WordPress is vulnerable to CSV Injection in versions

The WS Form LITE plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.9.217. This allows unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration.

Published 2024-06-07 09:33:36

Updated 2024-06-12 13:38:14

Source Wordfence

View at NVD, CVE.org

Products affected by CVE-2023-5424

Westguardsolutions » Ws Form » Lite Edition For Wordpress
Versions before (<) 1.9.218
cpe:2.3:a:westguardsolutions:ws_form:*:*:*:*:lite:wordpress:*:*
Matching versions
Westguardsolutions » Ws Form » PRO Edition For Wordpress
Versions before (<) 1.9.218
cpe:2.3:a:westguardsolutions:ws_form:*:*:*:*:pro:wordpress:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-5424

EPSS FAQ

1.41%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 79 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-5424

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.7	MEDIUM	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N	N/A	N/A	Wordfence	2024-06-07
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: Required Scope: Changed Confidentiality: Low Integrity: Low Availability: None
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	2.8	5.9	NIST	2024-06-12
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: High
4.7	MEDIUM	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N	1.6	2.7	Wordfence	2024-06-07
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: Required Scope: Changed Confidentiality: Low Integrity: Low Availability: None

CWE ids for CVE-2023-5424

CWE-1236 Improper Neutralization of Formula Elements in a CSV File

The product saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by a spreadsheet product.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2023-5424

https://wsform.com/changelog/?utm_source=wp_plugins&utm_medium=readme

WS Form PRO Changelog - WS Form
Release Notes

CVEs referencing this url
https://www.wordfence.com/threat-intel/vulnerabilities/id/38ccaa81-77ec-46f2-9bec-d74fa2e093f3?source=cve

WS Form LITE <= 1.9.217 - Unauthenticated CSV Injection
Third Party Advisory
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3098265%40ws-form&new=3098265%40ws-form&sfp_email=&sfph_mail=

Changeset 3098265 for ws-form – WordPress Plugin Repository
Patch

Jump to

Vulnerability Details : CVE-2023-5424

Products affected by CVE-2023-5424

Exploit prediction scoring system (EPSS) score for CVE-2023-5424

CVSS scores for CVE-2023-5424

CWE ids for CVE-2023-5424

References for CVE-2023-5424