WordPress weForms plugin <= 1.4.7 - CSV Injection vulnerability
- CSV Injection vulnerability found by Mohamad Pishdar in WordPress weForms plugin (versions <= 1.4.7).
- 2020-11-20 - we were unable to find information about the fix for this vulnerability.
OWASP Top 10 A1: Injection
- Name CVE-2020-22276
Fixed In 1.4.8
- Disclosure date
- Mohamad Pishdar