2024-01-16 15:52:59
WPScan
PUBLISHED
The Contact Form Entries WordPress plugin before 1.3.0 does not validate data when its output in a CSV file, which could lead to CSV injection.