CVE-2020-36503
- Source
- https://cve.org/CVERecord?id=CVE-2020-36503
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-36503.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-36503
- Published
- 2021-11-01T09:15:08.257Z
- Modified
- 2026-04-10T04:28:08.760491Z
- Severity
-
- 8.0 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The Connections Business Directory WordPress plugin before 9.7 does not validate or sanitise some connections' fields, which could lead to a CSV injection issue
- References
Affected packages
Git / github.com/connections-business-directory/connections
Affected versions
0.*
0.7.3.2
0.7.3.3
0.7.3.4
0.7.3.5
0.7.3.6
0.7.3.7
0.7.4
0.7.4.1
0.7.5
0.7.5.1
0.7.6
0.7.6.1
0.7.6.2
0.7.6.3
0.7.6.4
0.7.6.5
0.7.6.6
0.7.7
0.7.8
0.7.8.1
0.7.9
0.7.9.1
0.7.9.2
0.7.9.3
0.7.9.4
0.7.9.5
0.7.9.6
0.7.9.7
0.8.10
0.8.11
0.8.12
0.8.13
0.8.14
0.8.3
0.8.4
0.8.5
0.8.6
0.8.7
0.8.8
0.8.9
8.*
8.1
8.1.1
8.1.2
8.1.3
8.1.4
8.1.5
8.1.6
8.10
8.11
8.12
8.13
8.14
8.15
8.16
8.17
8.18
8.19
8.19.1
8.2
8.2.1
8.2.10
8.2.2
8.2.23
8.2.3
8.2.4
8.2.5
8.2.6
8.2.7
8.2.8
8.2.9
8.20
8.21
8.22
8.23
8.24
8.25
8.25.1
8.26
8.27
8.28
8.28.1
8.28.2
8.28.3
8.28.4
8.28.5
8.29
8.3
8.3.1
8.3.2
8.3.3
8.30
8.30.1
8.31
8.32
8.33
8.34
8.35
8.36
8.36.1
8.37
8.38
8.38.1
8.39
8.39.1
8.4
8.4.1
8.4.2
8.4.3
8.4.4
8.4.5
8.40
8.40.1
8.40.2
8.41
8.41.1
8.41.2
8.42
8.42.1
8.43
8.44
8.44.1
8.5
8.5.1
8.5.10
8.5.11
8.5.12
8.5.13
8.5.14
8.5.15
8.5.16
8.5.17
8.5.18
8.5.19
8.5.2
8.5.20
8.5.21
8.5.22
8.5.24
8.5.25
8.5.26
8.5.27
8.5.28
8.5.29
8.5.3
8.5.30
8.5.31
8.5.32
8.5.4
8.5.5
8.5.6
8.5.7
8.5.8
8.5.9
8.6
8.6.1
8.6.10
8.6.11
8.6.12
8.6.2
8.6.3
8.6.4
8.6.5
8.6.6
8.6.7
8.6.8
8.6.9
8.7
8.7.1
8.8
8.9
9.*
9.0
9.0.1
9.0.2
9.1
9.1.1
9.2
9.3
9.3.1
9.3.2
9.4
9.4.1
9.4.2
9.4.3
9.4.4
9.4.5
9.4.6
9.4.7
9.4.8
9.5
9.5.1
9.6