MidnightBSD

Advisories for contact-form-7-to-database-extension_project

CVE-2018-9035 MEDIUM

CSV Injection vulnerability in ExportToCsvUtf8.php of the Contact Form 7 to Database Extension plugin 2.10.32 for WordPress allows remote attackers to inject spreadsheet formulas into CSV files via the contact form.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1236,

Products Affected

Vendor Product Version
contact-form-7-to-database-extension_project contact-form-7-to-database-extension *