exploitDog

GHSA-5p8h-xw8m-3w4j

Опубликовано: 07 нояб. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection

The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection

Ссылки

EPSS

Процентиль: 79%

0.01307

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-1236

Связанные уязвимости

CVE-2022-3463

CVSS3: 9.8

nvd

больше 3 лет назад

The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection

EPSS

Процентиль: 79%

0.01307

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-1236