Vulnerabilities > Crmperks > Database FOR Contact Form 7 Wpforms Elementor Forms > 1.1.1

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-16	CVE-2022-3604	Improper Neutralization of Formula Elements in a CSV File vulnerability in Crmperks Database for Contact Form 7, Wpforms, Elementor Forms The Contact Form Entries WordPress plugin before 1.3.0 does not validate data when its output in a CSV file, which could lead to CSV injection. local low complexity crmperks CWE-1236	7.8
2023-12-29	CVE-2023-31095	Open Redirect vulnerability in Crmperks Database for Contact Form 7, Wpforms, Elementor Forms URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.2.8. network low complexity crmperks CWE-601	6.1
2023-10-31	CVE-2023-31212	SQL Injection vulnerability in Crmperks Database for Contact Form 7, Wpforms, Elementor Forms Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks Database for Contact Form 7, WPforms, Elementor forms contact-form-entries allows SQL Injection.This issue affects Database for Contact Form 7, WPforms, Elementor forms: from n/a through 1.3.0. network low complexity crmperks CWE-89 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.