WordPress · Contact Form 7 Database Addon · CVE-2022-3634
**Name of the Vulnerable Software and Affected Versions**
Contact Form 7 Database Addon WordPress plugin versions prior to 1.2.6.5
**Description**
The issue concerns the Contact Form 7 Database Addon WordPress plugin, which does not validate data when outputting it back in a CSV file. This could lead to CSV injection.
**Recommendations**
For versions prior to 1.2.6.5, update to version 1.2.6.5 or later to resolve the issue.