CVE-2022-3463

The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection
References
Configurations

Configuration 1

cpe:2.3:a:fluentforms:contact_form:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-11-07 10:15

Updated : 2022-11-09 08:09


NVD link : CVE-2022-3463

Mitre link : CVE-2022-3463

Products Affected
No products.
CWE
CWE-1236

Improper Neutralization of Formula Elements in a CSV File