Security Advisory

CVE-2022-3463

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-07 00:00:00

Last updated 2025-05-01 20:25:04

Assigner WPScan

State PUBLISHED

Description

The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection

← Browse all CVEs View on cve.org ↗