Lucene search
Adel BouarichaWPEX-ID:B5EEEFB0-FB5E-4CA6-A6F0-67F4BE4A2B10HistoryOct 27, 2022 - 12:00 a.m.
Contact Form 7 Database Addon < 1.2.6.5 - CSV Injection
2022-10-2700:00:00
Adel Bouaricha
95
contact form 7
database addon
csv injection
excel formula
exploit
security vulnerability
EPSS
0.002
Percentile
61.5%
The plugin does not validate data when output it back in a CSV file, which could lead to CSV injection
Use a Contact Form 7 form and submit an Excel formula in the message field, such as "=5+5" without quotes. Export the entry as CSV using the plugin and import it into ExcelRelated
prion
prion
Design/Logic Flaw
2022-11-21 11:15:00
openvas
openvas
nvd
nvd
CVE-2022-3634
2022-11-21 11:15:20
cve
cve
CVE-2022-3634
2022-11-21 11:15:20
cvelist
cvelist
CVE-2022-3634 Contact Form 7 Database Addon < 1.2.6.5 - CSV Injection
2022-11-21 00:00:00
cnvd
cnvd
WordPress Contact Form 7 Database Addon plugin CSV injection vulnerability
2022-11-23 00:00:00
wpvulndb
wpvulndb
Contact Form 7 Database Addon < 1.2.6.5 - CSV Injection
2022-10-27 00:00:00
patchstack
patchstack