What is the severity of CVE-2019-17661?

CVE-2019-17661 is considered a medium to high severity vulnerability due to its potential for CSV injection leading to remote code execution.

How do I fix CVE-2019-17661?

To fix CVE-2019-17661, you should update the Admin Columns plugin to the latest version that addresses this vulnerability.

Who is affected by CVE-2019-17661?

Users of the Admin Columns plugin version 3.4.6 for WordPress are at risk of being affected by CVE-2019-17661.

What type of attack is associated with CVE-2019-17661?

CVE-2019-17661 is associated with CSV injection attacks, where an attacker can inject malicious code through user input.

Can CVE-2019-17661 be exploited remotely?

Yes, CVE-2019-17661 can be exploited remotely by attackers to gain control over affected systems.

Vulnerability/
CVE-2019-17661

critical

CWE

74 1236

8/11/2019

15/10/2024

CVE-2019-17661

First published: Fri Nov 08 2019(Updated: )

A CSV injection in the codepress-admin-columns (aka Admin Columns) plugin 3.4.6 for WordPress allows malicious users to gain remote control of other computers. By choosing formula code as his first or last name, an attacker can create a user with a name that contains malicious code. Other users might download this data as a CSV file and corrupt their PC by opening it in a tool such as Microsoft Excel. The attacker could gain remote access to the user's PC.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Admin Columns	=3.4.6

Never miss a vulnerability like this again

Reference Links

https://www2.deloitte.com/de/de/pages/risk/articles/wordpress-csv-injection.html

Frequently Asked Questions

What is the severity of CVE-2019-17661?
CVE-2019-17661 is considered a medium to high severity vulnerability due to its potential for CSV injection leading to remote code execution.
How do I fix CVE-2019-17661?
To fix CVE-2019-17661, you should update the Admin Columns plugin to the latest version that addresses this vulnerability.
Who is affected by CVE-2019-17661?
Users of the Admin Columns plugin version 3.4.6 for WordPress are at risk of being affected by CVE-2019-17661.
What type of attack is associated with CVE-2019-17661?
CVE-2019-17661 is associated with CSV injection attacks, where an attacker can inject malicious code through user input.
Can CVE-2019-17661 be exploited remotely?
Yes, CVE-2019-17661 can be exploited remotely by attackers to gain control over affected systems.

agent/type
agent/author
agent/references
agent/severity
agent/weakness
agent/description
agent/softwarecombine
agent/first-publish-date
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
vendor/admincolumns
canonical/admin columns
version/admin columns/3.4.6

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.