CSV Injection Vulnerability in WPForms Pro WordPress Plugin
CVE-2022-3574 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the exported CSV, which could lead to CSV injection.
Learn more about our Wordpress Pen Testing.