Critical severity9.6OSV Advisory· Published Apr 4, 2018· Updated Jun 17, 2026
CVE-2018-9035
CVE-2018-9035
Description
CSV Injection vulnerability in ExportToCsvUtf8.php of the Contact Form 7 to Database Extension plugin 2.10.32 for WordPress allows remote attackers to inject spreadsheet formulas into CSV files via the contact form.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
22.10.30, 2.10.31, 2.10.32+ 1 more
- (no CPE)range: 2.10.30, 2.10.31, 2.10.32
- (no CPE)range: =2.10.32
Patches
Vulnerability mechanics
References
1- www.exploit-db.com/exploits/44367/nvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.