FluentForm < 4.3.13 - CSV Injection
CVE-2022-3463
9.8CRITICAL
What is CVE-2022-3463?
The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection
Affected Version(s)
Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms 4.3.13