Log out
Get PRO

Latest

Input validation vulnerability in Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google sheet as a Table. 3.5.0

  • Severity: high-risk
  • Status: Open
  • Publication: December 24, 2021

The Spreadsheet Integration and Spreadsheet Integration Professional plugins for WordPress may be vulnerable to Cross-Site Request Forgery, or CSRF. This is a type of attack which can allow an attacker to access restricted areas or perform certain actions on a website without the administrator’s knowledge. In versions 3.5.0 and below, the plugin does not have the adequate security measures in place to stop this type of attack, specifically in the ‘wpgsi_WorksheetColumnsTitle’ function. An attacker could send a malicious link or file to a website administrator, and if the administrator clicks on it, the attacker could gain access to restricted areas and take certain actions without the administrator’s knowledge.

Detected in:

wpgsi-professional fixed vulnerable versions: >= * <= 3.5.0
Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google sheet as a Table. open vulnerable versions: >= * <= 3.5.0

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

© Really Simple Plugins
CoC 70461155
Kalmarweg 14-5
9723 JG, Groningen (NL)

Wordpress Linkedin Github

Get Started

About

Popular articles