CVE-2022-3604 Information

Description

The Contact Form Entries WordPress plugin before 1.3.0 does not validate data when its output in a CSV file which could lead to CSV injection.

Reference

https://wpscan.com/vulnerability/300ebfcd-c500-464e-b919-acfeb72593de/