The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress allows CSV injection.
7.8CVSS
7.8AI Score
0.001EPSS
SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to parameter in a view=stats request, a different vulnerability than CVE-2015-2798.
9.8CVSS
9.7AI Score
0.003EPSS