exploitDog

GHSA-6mxj-jjjj-8mpv

Опубликовано: 14 нояб. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the exported CSV, which could lead to CSV injection.

The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the exported CSV, which could lead to CSV injection.

Ссылки

EPSS

Процентиль: 79%

0.01256

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-1236

Связанные уязвимости

CVE-2022-3574

CVSS3: 9.8

nvd

около 3 лет назад

The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the exported CSV, which could lead to CSV injection.

EPSS

Процентиль: 79%

0.01256

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-1236