Vulnerabilities > CVE-2022-3634 - Unspecified vulnerability in Ciphercoin Contact Form 7 Database Addon

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

ciphercoin

critical

NVD

Published: 2022-11-21

Updated: 2023-11-07

Summary

The Contact Form 7 Database Addon WordPress plugin before 1.2.6.5 does not validate data when output it back in a CSV file, which could lead to CSV injection

Vulnerable Configurations

Part	Description	Count
Application	Ciphercoin Ciphercoin Contact Form 7 Database Addon 1.0.0 Ciphercoin Contact Form 7 Database Addon 1.2.4.10 Ciphercoin Contact Form 7 Database Addon 1.2.4.11 Ciphercoin Contact Form 7 Database Addon 1.2.5 Ciphercoin Contact Form 7 Database Addon 1.2.5.3 Ciphercoin Contact Form 7 Database Addon 1.2.5.4 Ciphercoin Contact Form 7 Database Addon 1.2.5.8 Ciphercoin Contact Form 7 Database Addon 1.2.5.9 Ciphercoin Contact Form 7 Database Addon 1.2.6.1 Ciphercoin Contact Form 7 Database Addon 1.2.6.2 Ciphercoin Contact Form 7 Database Addon 1.2.6.3	11

References

https://wpscan.com/vulnerability/b5eeefb0-fb5e-4ca6-a6f0-67f4be4a2b10