Adel Bouaricha

**Name of the Vulnerable Software and Affected Versions** Contact Form 7 Database Addon WordPress plugin versions prior to 1.2.6.5 **Description** The issue concerns the Contact Form 7 Database Addon WordPress plugin, which does not validate data when outputting it back in a CSV file. This could lead to CSV injection. **Recommendations** For versions prior to 1.2.6.5, update to version 1.2.6.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Import and export users and customers WordPress plugin versions prior to 1.20.5 **Description** The issue concerns the improper escaping of data when exporting it via CSV files. This could potentially lead to security issues, although specific details about exploitation or affected devices are not provided. **Recommendations** For versions prior to 1.20.5, update to version 1.20.5 or later to resolve the issue. As a temporary workaround, consider avoiding the export of user and customer data via CSV files until the update is applied.