PT-2020-19866 · Auth0 · Login By Auth0 Plugin For Wordpress

Muhamad Visat · Published 2020-04-01 · Updated 2021-07-21 · CVE-2020-7947

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Login by Auth0 plugin for WordPress versions prior to 4.0.0

Description

The issue arises from the plugin's failure to sanitize and validate data from various sources before exporting user data. This oversight can lead to CSV injection attacks if a maliciously crafted Excel document is uploaded.

Recommendations

For versions prior to 4.0.0, update to version 4.0.0 or later to resolve the issue. As a temporary workaround, consider restricting the upload of Excel documents or implementing additional validation and sanitization of user data before export.
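
The "validation and sanitization of user data before export" workaround can be sketched as below. This is an added example, not the plugin's code or its 4.0.0 fix; the function names and sample rows are hypothetical and constructed for illustration.

```php
<?php
// Added example: not taken from the Login by Auth0 plugin.
// neutralize_csv_cell() and export_rows_as_csv() are hypothetical names.

/**
 * Make a cell safe to open in a spreadsheet: string values that begin with
 * a formula trigger (= + - @, tab, carriage return) get a leading apostrophe
 * so the spreadsheet treats them as text instead of evaluating them.
 */
function neutralize_csv_cell($value): string
{
    // Native numbers come from the application, not from user-editable text.
    if (is_int($value) || is_float($value)) {
        return (string) $value;
    }
    $value = (string) $value;
    if ($value !== '' && strpbrk($value[0], "=+-@\t\r") !== false) {
        return "'" . $value;
    }
    return $value;
}

/** Build the CSV in memory; fputcsv() handles quoting of commas and quotes. */
function export_rows_as_csv(array $rows): string
{
    $out = fopen('php://memory', 'w+');
    foreach ($rows as $row) {
        fputcsv($out, array_map('neutralize_csv_cell', $row), ',', '"', '\\');
    }
    rewind($out);
    $csv = stream_get_contents($out);
    fclose($out);
    return $csv;
}

// Constructed sample export: two rows carry formula-like profile fields.
$rows = [
    ['email', 'nickname', 'login_count'],
    ['alice@example.com', 'alice', 12],
    ['bob@example.com', '=1+1', 3],
    ['carol@example.com', '@SUM(A1:A2)', -1],
];

echo export_rows_as_csv($rows);
```

In the output, the nicknames `=1+1` and `@SUM(A1:A2)` are written as `'=1+1` and `'@SUM(A1:A2)`, while the integer `-1` is left unchanged.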

Fix

RCE


Weakness Enumeration

Related Identifiers

CVE-2020-7947
GHSA-59VF-CGFW-6H6V

Affected Products

Login By Auth0 Plugin For Wordpress