CSV Injection Vulnerability in WPForms Pro WordPress Plugin

CSV Injection Vulnerability in WPForms Pro WordPress Plugin

CVE-2022-3574 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the exported CSV, which could lead to CSV injection.

Learn more about our Wordpress Pen Testing.