CVE-2018-9035

Published: 2018-04-04T19:29Z

Last Modified: 2024-11-21T04:14Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

CSV Injection vulnerability in ExportToCsvUtf8.php of the Contact Form 7 to Database Extension plugin 2.10.32 for WordPress allows remote attackers to inject spreadsheet formulas into CSV files via the contact form. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt