CSV Injection Vulnerability in Connections Business Directory WordPress Plugin

CVE-2020-36503 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

The Connections Business Directory WordPress plugin before 9.7 does not validate or sanitise some connections' fields, which could lead to a CSV injection issue

Learn more about our Wordpress Pen Testing.