3 matches found
CVE-2022-3463 FluentForm < 4.3.13 - CSV Injection
The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection...
CVE-2022-3463 FluentForm < 4.3.13 - CSV Injection
The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection...
CVE-2022-3463
CVE-2022-3463 concerns the WordPress Contact Form Plugin (FluentForm) before 4.3.13. The vulnerability is a CSV injection caused by not validating and escaping fields when exporting form entries as CSV. Affected product: WordPress FluentForm / Contact Form Plugin prior to 4.3.13. Impact: potentia...