CVE-2022-3463 Information

Description

The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV leading to a CSV injection

Reference

https://wpscan.com/vulnerability/e2a59481-db45-4b8e-b17a-447303469364