Vulnerabilities related to ninjaforms - ninja_forms
cve-2021-25056
Vulnerability from cvelistv5
Published
2022-07-04 13:05
Modified
2024-08-03 19:49
Summary
The Ninja Forms Contact Form WordPress plugin before 3.6.10 does not sanitise and escape field labels, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
References
URL | Tags
---|---
https://wpscan.com/vulnerability/795acab2-f621-4662-834b-ebb6205ef7de | x_refsource_MISC
Impacted products
Vendor | Product | Version
---|---|---
Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | < 3.6.10
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:49:14.590Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wpscan.com/vulnerability/795acab2-f621-4662-834b-ebb6205ef7de", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", vendor: "Unknown", versions: [ { lessThan: "3.6.10", status: "affected", version: "3.6.10", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Muhammad Adel", }, ], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form WordPress plugin before 3.6.10 does not sanitise and escape field labels, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Cross-site Scripting (XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-04T13:05:21", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wpscan.com/vulnerability/795acab2-f621-4662-834b-ebb6205ef7de", }, ], source: { discovery: "EXTERNAL", }, title: "Ninja Forms < 3.6.10 - Admin+ Stored Cross-Site Scripting", x_generator: "WPScan CVE Generator", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "contact@wpscan.com", ID: "CVE-2021-25056", STATE: "PUBLIC", TITLE: "Ninja Forms < 3.6.10 - Admin+ Stored Cross-Site Scripting", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", version: { version_data: [ { version_affected: "<", version_name: "3.6.10", version_value: "3.6.10", }, ], }, }, ], }, vendor_name: "Unknown", }, ], }, }, credit: [ { lang: "eng", value: "Muhammad Adel", }, ], data_format: 
"MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Ninja Forms Contact Form WordPress plugin before 3.6.10 does not sanitise and escape field labels, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.", }, ], }, generator: "WPScan CVE Generator", problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79 Cross-site Scripting (XSS)", }, ], }, ], }, references: { reference_data: [ { name: "https://wpscan.com/vulnerability/795acab2-f621-4662-834b-ebb6205ef7de", refsource: "MISC", url: "https://wpscan.com/vulnerability/795acab2-f621-4662-834b-ebb6205ef7de", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2021-25056", datePublished: "2022-07-04T13:05:21", dateReserved: "2021-01-14T00:00:00", dateUpdated: "2024-08-03T19:49:14.590Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-50515
Vulnerability from cvelistv5
Published
2024-11-19 16:32
Modified
2024-11-19 21:02
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS. This issue affects Ninja Forms: from n/a through 3.8.16.
References
URL | Tags
---|---
https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-the-contact-form-builder-that-grows-with-you-plugin-3-8-16-cross-site-scripting-xss-vulnerability-2?_s_id=cve | vdb-entry
Impacted products
Vendor | Product | Version
---|---|---
Saturday Drive | Ninja Forms | ≤ 3.8.16 (unaffected from 3.8.18)
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-50515", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-19T21:02:40.547741Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-19T21:02:52.172Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", packageName: "ninja-forms", product: "Ninja Forms", vendor: "Saturday Drive", versions: [ { changes: [ { at: "3.8.18", status: "unaffected", }, ], lessThanOrEqual: "3.8.16", status: "affected", version: "n/a", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Hwang Se-yeon (Patchstack Alliance)", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS.</p><p>This issue affects Ninja Forms: from n/a through 3.8.16.</p>", }, ], value: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a through 3.8.16.", }, ], impacts: [ { capecId: "CAPEC-592", descriptions: [ { lang: "en", value: "CAPEC-592 Stored XSS", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: 
"GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-19T17:25:56.165Z", orgId: "21595511-bba5-4825-b968-b78d1f9984a3", shortName: "Patchstack", }, references: [ { tags: [ "vdb-entry", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-the-contact-form-builder-that-grows-with-you-plugin-3-8-16-cross-site-scripting-xss-vulnerability-2?_s_id=cve", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Update to 3.8.18 or a higher version.", }, ], value: "Update to 3.8.18 or a higher version.", }, ], source: { discovery: "EXTERNAL", }, title: "WordPress Ninja Forms – The Contact Form Builder That Grows With You plugin <= 3.8.16 - Cross Site Scripting (XSS) vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3", assignerShortName: "Patchstack", cveId: "CVE-2024-50515", datePublished: "2024-11-19T16:32:16.561Z", dateReserved: "2024-10-24T07:27:11.266Z", dateUpdated: "2024-11-19T21:02:52.172Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-36827
Vulnerability from cvelistv5
Published
2022-06-16 17:11
Modified
2024-09-16 19:36
Summary
Authenticated (admin or higher role) stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 for WordPress via "label".
References
URL | Tags
---|---
https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-contact-form-plugin-3-6-9-authenticated-stored-cross-site-scripting-xss-vulnerability?_s_id=cve | vdb-entry
Impacted products
Vendor | Product | Version
---|---|---
Saturday Drive | Ninja Forms Contact Form (WordPress plugin) | ≤ 3.6.9 (unaffected from 3.6.10)
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:01:59.667Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vdb-entry", "x_transferred", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-contact-form-plugin-3-6-9-authenticated-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", packageName: "ninja-forms", product: "Ninja Forms Contact Form (WordPress plugin)", vendor: "Saturday Drive", versions: [ { changes: [ { at: "3.6.10", status: "unaffected", }, ], lessThanOrEqual: "3.6.9", status: "affected", version: "n/a", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Asif Nawaz Minhas (Patchstack Alliance)", }, ], datePublic: "2022-06-06T21:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via \"label\".</p>", }, ], value: "Auth. 
(admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via \"label\".", }, ], impacts: [ { capecId: "CAPEC-592", descriptions: [ { lang: "en", value: "CAPEC-592 Stored XSS", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Cross-site Scripting (XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-04T13:06:53.633Z", orgId: "21595511-bba5-4825-b968-b78d1f9984a3", shortName: "Patchstack", }, references: [ { tags: [ "vdb-entry", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-contact-form-plugin-3-6-9-authenticated-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Update to 3.6.10 or higher version.</p>", }, ], value: "Update to 3.6.10 or higher version.", }, ], source: { discovery: "EXTERNAL", }, title: "WordPress Ninja Forms Contact Form plugin <= 3.6.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "audit@patchstack.com", DATE_PUBLIC: "2022-06-07T13:46:00.000Z", ID: "CVE-2021-36827", STATE: "PUBLIC", TITLE: "WordPress Ninja Forms Contact Form plugin <= 3.6.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ninja Forms Contact Form (WordPress plugin)", 
version: { version_data: [ { version_affected: "<=", version_name: "<= 3.6.9", version_value: "3.6.9", }, ], }, }, ], }, vendor_name: "Saturday Drive", }, ], }, }, credit: [ { lang: "eng", value: "Vulnerability discovered by Asif Nawaz Minhas (Patchstack Alliance)", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via \"label\".", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79 Cross-site Scripting (XSS)", }, ], }, ], }, references: { reference_data: [ { name: "https://wordpress.org/plugins/ninja-forms/#developers", refsource: "CONFIRM", url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { name: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-contact-form-plugin-3-6-9-authenticated-stored-cross-site-scripting-xss-vulnerability", refsource: "CONFIRM", url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-contact-form-plugin-3-6-9-authenticated-stored-cross-site-scripting-xss-vulnerability", }, ], }, solution: [ { lang: "en", value: "Update to 3.6.10 or higher version.", }, ], source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3", assignerShortName: "Patchstack", cveId: "CVE-2021-36827", datePublished: "2022-06-16T17:11:16.535313Z", dateReserved: "2021-07-19T00:00:00", 
dateUpdated: "2024-09-16T19:36:46.206Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
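CVE-2021-25056 and CVE-2021-36827 above describe the same defect from two reporters: field labels set in the form builder were stored and rendered without sanitisation or escaping, so an administrator account that had been denied the unfiltered_html capability (for example via DISALLOW_UNFILTERED_HTML, or any non-super-admin on a multisite install) could still plant script that runs for every other admin who opens the form. The block below is an added example, not Ninja Forms code. It shows the two halves of a fix: a capability-gated filter on save, and context-aware encoding on output. The tag allow-list, the `$user_has_unfiltered_html` flag and the sample labels are constructed stand-ins for WordPress's current_user_can('unfiltered_html') and wp_kses_post(); it is plain PHP 8 and runs without WordPress.

```php
<?php
// Added example, not Ninja Forms code. Demonstrates the two halves of a fix for
// stored XSS in admin-editable field labels (CVE-2021-25056 / CVE-2021-36827):
//   1. on save, honour the unfiltered_html capability; users without it get
//      their markup reduced to a small allow-list (stand-in for wp_kses_post());
//   2. on output, encode for the context the label lands in.
// Plain PHP 8; the capability flag is an assumed parameter, not a WordPress call.

declare(strict_types=1);

// Formatting a label can legitimately need; nothing that can carry script.
const LABEL_ALLOWED_TAGS = '<b><strong><i><em><br>';

/**
 * Reduce label markup to the allow-list. strip_tags() alone is not enough:
 * it keeps attributes on allowed tags, so <b onmouseover=...> would survive.
 * The second pass rewrites every surviving tag to its bare form.
 */
function filter_label_html(string $html): string
{
    $kept = strip_tags($html, LABEL_ALLOWED_TAGS);
    return preg_replace('#<(/?)(b|strong|i|em|br)\b[^>]*>#i', '<$1$2>', $kept) ?? '';
}

/** Save path: the capability check that was missing in the vulnerable versions. */
function sanitise_label_on_save(string $raw, bool $user_has_unfiltered_html): string
{
    return $user_has_unfiltered_html ? $raw : filter_label_html($raw);
}

/** HTML body context (the <label> text). Filtering again covers rows stored before the fix. */
function render_label_html(string $stored): string
{
    return filter_label_html($stored);
}

/** Attribute context (placeholder, aria-label): markup is never wanted here, so encode everything. */
function render_label_attr(string $stored): string
{
    return htmlspecialchars(strip_tags($stored), ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed payloads, not taken from any real report.
$labels = [
    'Email <b onmouseover="alert(document.cookie)">address</b><script>alert(1)</script>',
    'Name" autofocus onfocus="alert(2)',
    '<img src=x onerror=alert(3)>Phone<br>',
];

foreach ($labels as $raw) {
    $stored_limited = sanitise_label_on_save($raw, false); // admin without unfiltered_html
    $stored_trusted = sanitise_label_on_save($raw, true);  // admin with unfiltered_html
    echo "raw            : $raw\n";
    echo "stored(limited): $stored_limited\n";
    echo "stored(trusted): $stored_trusted\n";
    echo "html output    : <label>" . render_label_html($stored_trusted) . "</label>\n";
    echo "attr output    : <input placeholder=\"" . render_label_attr($stored_trusted) . "\">\n\n";
}
```

The second payload is the one to watch: it contains no tags at all, so a filter that only strips tags passes it through, and it is harmless as label text but becomes an event handler the moment the same string is dropped into an attribute. That is why the output side encodes per context rather than relying on what the save side did, and why the output filter is applied even to labels saved by a user who holds unfiltered_html: a field label never needs more than inline formatting, so nothing legitimate is lost.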
cve-2024-2113
Vulnerability from cvelistv5
Published
2024-03-29 06:43
Modified
2024-08-01 19:03
Summary
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.0. This is due to missing or incorrect nonce validation on the nf_download_all_subs AJAX action. This makes it possible for unauthenticated attackers to trigger an export of a form's submissions to a publicly accessible location via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
References
URL | Tags
---|---
https://www.wordfence.com/threat-intel/vulnerabilities/id/3ebfc9f5-abb7-47bc-bd38-f60df1cccb5d?source=cve |
https://plugins.trac.wordpress.org/changeset/3059780/ninja-forms/trunk/includes/Admin/CPT/DownloadAllSubmissions.php |
Impacted products
Vendor | Product | Version
---|---|---
kstover | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | ≤ 3.8.0
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-2113", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-29T13:48:12.104317Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-29T13:48:50.081Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T19:03:39.222Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/3ebfc9f5-abb7-47bc-bd38-f60df1cccb5d?source=cve", }, { tags: [ "x_transferred", ], url: "https://plugins.trac.wordpress.org/changeset/3059780/ninja-forms/trunk/includes/Admin/CPT/DownloadAllSubmissions.php", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", vendor: "kstover", versions: [ { lessThanOrEqual: "3.8.0", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Tobias Weißhaar", }, ], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.0. This is due to missing or incorrect nonce validation on the nf_download_all_subs AJAX action. 
This makes it possible for unauthenticated attackers to trigger an export of a form's submission to a publicly accessible location via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.", }, ], metrics: [ { cvssV3_1: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-352 Cross-Site Request Forgery (CSRF)", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2024-03-29T06:43:58.122Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/3ebfc9f5-abb7-47bc-bd38-f60df1cccb5d?source=cve", }, { url: "https://plugins.trac.wordpress.org/changeset/3059780/ninja-forms/trunk/includes/Admin/CPT/DownloadAllSubmissions.php", }, ], timeline: [ { lang: "en", time: "2024-03-28T00:00:00.000+00:00", value: "Disclosed", }, ], }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2024-2113", datePublished: "2024-03-29T06:43:58.122Z", dateReserved: "2024-03-01T19:08:29.730Z", dateUpdated: "2024-08-01T19:03:39.222Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
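CVE-2024-2113 is a CSRF on the nf_download_all_subs AJAX action: the handler did privileged work for any request that arrived carrying an administrator's cookies, so a page the administrator was lured onto could submit the export on their behalf. The block below is an added example, not Ninja Forms or WordPress code: a plain-PHP 8 nonce modelled on how WordPress's wp_create_nonce()/wp_verify_nonce() behave (an HMAC over the action name, user and session, accepted for the current and previous 12-hour tick) and a handler that enforces it alongside the capability check. The secret, the request shape and the 'security' parameter name are assumptions made for the example.

```php
<?php
// Added example, not Ninja Forms or WordPress code. An HMAC nonce bound to the
// user's session, the action name and a time window, modelled on how WordPress
// nonces behave (wp_create_nonce / wp_verify_nonce / check_ajax_referer), and
// an AJAX handler that refuses the privileged export unless the nonce checks
// out. This is the validation CVE-2024-2113 says was missing or incorrect for
// nf_download_all_subs. Plain PHP 8; secret, request shape and the "security"
// parameter name are assumptions for the example.

declare(strict_types=1);

const NONCE_SECRET = 'constructed-example-secret-do-not-reuse';
const NONCE_TICK   = 12 * 3600;   // accepted for the current and previous tick (24h max)

function nonce_tick(int $now): int
{
    return intdiv($now, NONCE_TICK);
}

function nonce_for_tick(int $tick, string $action, int $user_id, string $session_token): string
{
    $mac = hash_hmac('sha256', "$tick|$action|$user_id|$session_token", NONCE_SECRET);
    return substr($mac, 0, 16);
}

/** Mint a nonce for the admin page that will issue the request. */
function create_nonce(string $action, int $user_id, string $session_token, int $now): string
{
    return nonce_for_tick(nonce_tick($now), $action, $user_id, $session_token);
}

/**
 * 1 = valid for the current tick, 2 = valid but ageing (previous tick),
 * 0 = invalid. hash_equals() keeps the comparison constant-time.
 */
function verify_nonce(string $nonce, string $action, int $user_id, string $session_token, int $now): int
{
    $tick = nonce_tick($now);
    foreach ([1 => $tick, 2 => $tick - 1] as $age => $t) {
        if (hash_equals(nonce_for_tick($t, $action, $user_id, $session_token), $nonce)) {
            return $age;
        }
    }
    return 0;
}

/**
 * Handler for the export action. Both checks matter: the capability check stops
 * low-privilege users; the nonce check stops an attacker's page from driving a
 * logged-in administrator's browser (CSRF), because the attacker cannot read
 * the nonce embedded in the admin's own page.
 */
function handle_download_all_subs(array $request, array $user, int $now): string
{
    if (!$user['can_manage_forms']) {
        return '403 insufficient capability';
    }
    $nonce = (string) ($request['security'] ?? '');
    if (verify_nonce($nonce, 'nf_download_all_subs', $user['id'], $user['session'], $now) === 0) {
        return '403 nonce check failed';
    }
    return '200 export queued for form ' . (int) ($request['form_id'] ?? 0);
}

// Constructed scenario: administrator id 1, a fixed clock.
$admin = ['id' => 1, 'can_manage_forms' => true, 'session' => 'sess-abc123'];
$now   = 1_700_000_000;
$mint  = fn(string $action, int $at) => create_nonce($action, $admin['id'], $admin['session'], $at);

$requests = [
    'legitimate (fresh nonce from admin page)' => ['form_id' => 7, 'security' => $mint('nf_download_all_subs', $now)],
    'forged cross-site request (no nonce)'     => ['form_id' => 7],
    'forged with guessed nonce'                => ['form_id' => 7, 'security' => 'deadbeefdeadbeef'],
    'nonce minted for another action'          => ['form_id' => 7, 'security' => $mint('nf_delete_form', $now)],
    'ageing nonce (previous tick)'             => ['form_id' => 7, 'security' => $mint('nf_download_all_subs', $now - NONCE_TICK)],
    'expired nonce (three ticks old)'          => ['form_id' => 7, 'security' => $mint('nf_download_all_subs', $now - 3 * NONCE_TICK)],
];

foreach ($requests as $label => $req) {
    printf("%-42s -> %s\n", $label, handle_download_all_subs($req, $admin, $now));
}
```

The property that defeats CSRF is that the nonce is embedded in a page only the logged-in administrator can read; a cross-origin page cannot obtain it, and a nonce for another action or another user's session does not verify. In a real plugin the equivalent is check_ajax_referer('nf_download_all_subs', 'security') together with current_user_can(); a capability check on its own does nothing against a request the administrator's own browser was tricked into sending.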
cve-2018-19796
Vulnerability from cvelistv5
Published
2018-12-03 06:00
Modified
2024-08-05 11:44
Summary
An open redirect in the Ninja Forms plugin before 3.3.19.1 for WordPress allows remote attackers to redirect a user via the redirect parameter of lib/StepProcessing/step-processing.php (the submissions download page).
References
URL | Tags
---|---
https://wordpress.org/plugins/ninja-forms/#developers | x_refsource_MISC
https://plugins.trac.wordpress.org/changeset/1982808/ninja-forms/trunk/lib/StepProcessing/step-processing.php | x_refsource_MISC
https://wpvulndb.com/vulnerabilities/9154 | x_refsource_MISC
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:44:20.527Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://plugins.trac.wordpress.org/changeset/1982808/ninja-forms/trunk/lib/StepProcessing/step-processing.php", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wpvulndb.com/vulnerabilities/9154", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-12-03T00:00:00", descriptions: [ { lang: "en", value: "An open redirect in the Ninja Forms plugin before 3.3.19.1 for WordPress allows Remote Attackers to redirect a user via the lib/StepProcessing/step-processing.php (aka submissions download page) redirect parameter.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-03T16:06:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { tags: [ "x_refsource_MISC", ], url: "https://plugins.trac.wordpress.org/changeset/1982808/ninja-forms/trunk/lib/StepProcessing/step-processing.php", }, { tags: [ "x_refsource_MISC", ], url: "https://wpvulndb.com/vulnerabilities/9154", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-19796", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An 
open redirect in the Ninja Forms plugin before 3.3.19.1 for WordPress allows Remote Attackers to redirect a user via the lib/StepProcessing/step-processing.php (aka submissions download page) redirect parameter.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://wordpress.org/plugins/ninja-forms/#developers", refsource: "MISC", url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { name: "https://plugins.trac.wordpress.org/changeset/1982808/ninja-forms/trunk/lib/StepProcessing/step-processing.php", refsource: "MISC", url: "https://plugins.trac.wordpress.org/changeset/1982808/ninja-forms/trunk/lib/StepProcessing/step-processing.php", }, { name: "https://wpvulndb.com/vulnerabilities/9154", refsource: "MISC", url: "https://wpvulndb.com/vulnerabilities/9154", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-19796", datePublished: "2018-12-03T06:00:00", dateReserved: "2018-12-03T00:00:00", dateUpdated: "2024-08-05T11:44:20.527Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
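The open redirect in CVE-2018-19796 comes from a redirect parameter that the submissions download page handed to the browser without checking where it pointed. The following is an added example, not the plugin's code and not WordPress's wp_safe_redirect(): a plain-PHP 8 allow-list that accepts only same-site targets, exercised against constructed inputs that include the usual bypass shapes. The site host forms.example is an assumed value.

```php
<?php
// Added example, not Ninja Forms code. An allow-list check for a user-supplied
// "redirect" parameter: only same-site targets pass, anything else falls back
// to a fixed path. This is the kind of check CVE-2018-19796 says was missing in
// lib/StepProcessing/step-processing.php before 3.3.19.1 (WordPress ships it
// as wp_safe_redirect(); this is a plain-PHP stand-in, not that function).
// Plain PHP 8, no WordPress dependency. The site host is an assumed input.

declare(strict_types=1);

/**
 * Return $target if it is a relative path on this site or an http(s) URL whose
 * host is exactly $site_host; otherwise return $fallback.
 * Rejected: other hosts, protocol-relative "//host", non-http schemes
 * (javascript:, data:), backslash tricks some browsers read as "/", and
 * userinfo tricks such as "https://site.example@evil.example".
 */
function safe_redirect_target(string $target, string $site_host, string $fallback = '/'): string
{
    $target = trim($target);
    if ($target === '') {
        return $fallback;
    }

    // Browsers normalise backslashes to forward slashes; do the same before
    // parsing so "/\evil.example" is not mistaken for a relative path.
    $normalised = str_replace('\\', '/', $target);

    $parts = parse_url($normalised);
    if ($parts === false) {
        return $fallback;
    }
    $scheme = strtolower($parts['scheme'] ?? '');
    $host   = strtolower($parts['host'] ?? '');

    // Relative path on this site, e.g. "/wp-admin/admin.php?page=nf-submissions".
    if ($scheme === '' && $host === ''
        && str_starts_with($normalised, '/') && !str_starts_with($normalised, '//')) {
        return $normalised;
    }

    // Absolute URL: http(s) only, host must match exactly, no userinfo.
    if (in_array($scheme, ['http', 'https'], true)
        && $host === strtolower($site_host)
        && !isset($parts['user']) && !isset($parts['pass'])) {
        return $normalised;
    }

    return $fallback;
}

// Constructed cases; the site host forms.example is an assumption.
$cases = [
    '/wp-admin/admin.php?page=nf-submissions',
    'https://forms.example/thank-you',
    'HTTPS://FORMS.EXAMPLE/thank-you',
    'https://forms.example.evil.example/',
    'https://evil.example/phish',
    '//evil.example/phish',
    '/\\evil.example/phish',
    'javascript:alert(1)',
    'https://forms.example@evil.example/',
    '',
];
foreach ($cases as $c) {
    printf("%-42s -> %s\n", $c === '' ? '(empty)' : $c, safe_redirect_target($c, 'forms.example'));
}
```

In a WordPress plugin the equivalent is to call wp_safe_redirect() and exit, which applies an allowed-hosts list. The value of the stand-in is in seeing which input shapes have to be rejected: a check that only looks for "http" at the start of the string, or only for the site's hostname somewhere in it, passes //evil.example, the userinfo trick and the forms.example.evil.example subdomain.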
cve-2018-20980
Vulnerability from cvelistv5
Published
2019-08-22 12:37
Modified
2024-08-05 12:19
Summary
The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering.
References
URL | Tags
---|---
https://wordpress.org/plugins/ninja-forms/#developers | x_refsource_MISC
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T12:19:27.035Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-22T12:37:38", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-20980", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://wordpress.org/plugins/ninja-forms/#developers", refsource: "MISC", url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-20980", datePublished: "2019-08-22T12:37:38", dateReserved: "2019-08-21T00:00:00", dateUpdated: "2024-08-05T12:19:27.035Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-16308
Vulnerability from cvelistv5
Published
2018-09-01 18:00
Modified
2024-08-05 10:17
Summary
The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection.
References
URL | Tags
---|---
https://wordpress.org/plugins/ninja-forms/#developers | x_refsource_MISC
https://www.exploit-db.com/exploits/45234/ | exploit, x_refsource_EXPLOIT-DB
https://packetstormsecurity.com/files/148993/WordPress-Ninja-Forms-3.3.13-CSV-Injection.html | x_refsource_MISC
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:17:38.404Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { name: "45234", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/45234/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://packetstormsecurity.com/files/148993/WordPress-Ninja-Forms-3.3.13-CSV-Injection.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-09-01T00:00:00", descriptions: [ { lang: "en", value: "The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-09-01T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { name: "45234", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/45234/", }, { tags: [ "x_refsource_MISC", ], url: "https://packetstormsecurity.com/files/148993/WordPress-Ninja-Forms-3.3.13-CSV-Injection.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-16308", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection.", }, ], }, problemtype: { 
problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://wordpress.org/plugins/ninja-forms/#developers", refsource: "MISC", url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { name: "45234", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/45234/", }, { name: "https://packetstormsecurity.com/files/148993/WordPress-Ninja-Forms-3.3.13-CSV-Injection.html", refsource: "MISC", url: "https://packetstormsecurity.com/files/148993/WordPress-Ninja-Forms-3.3.13-CSV-Injection.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-16308", datePublished: "2018-09-01T18:00:00", dateReserved: "2018-09-01T00:00:00", dateUpdated: "2024-08-05T10:17:38.404Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
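CSV injection, as in CVE-2018-16308 above, is a flaw in how exported data is written rather than in how it is stored: a submission value beginning with =, +, -, @ or a tab/carriage return is evaluated as a formula by the spreadsheet that opens the export, so an anonymous form submitter reaches whoever downloads the submissions. The block below is an added example, not Ninja Forms code, written in plain PHP so it runs on the CLI: a naive fputcsv() export beside one that neutralises formula-like cells. The sample submissions are constructed.

```php
<?php
// Added example, not Ninja Forms code. Neutralises spreadsheet formula
// injection (the class of bug in CVE-2018-16308) when form submissions are
// exported to CSV: a cell that starts with =, +, -, @ or a control character is
// treated as a formula by Excel/LibreOffice, so a submission can carry a DDE
// or HYPERLINK payload to whoever opens the export. Plain PHP, runs on the CLI.

declare(strict_types=1);

/** True if a spreadsheet would evaluate this cell rather than display it. */
function is_formula_like(string $cell): bool
{
    return $cell !== '' && strpos("=+-@\t\r", $cell[0]) !== false;
}

/**
 * Prefix formula-like cells with a single quote so the spreadsheet shows them
 * as text. Leading whitespace is trimmed first, otherwise " =cmd|..." slips past.
 */
function neutralise_cell(string $cell): string
{
    $trimmed = ltrim($cell, " \t\r\n");
    return is_formula_like($trimmed) ? "'" . $trimmed : $cell;
}

/** Vulnerable export: submission values go straight into the CSV. */
function export_csv_unsafe(array $rows): string
{
    $fh = fopen('php://memory', 'w+');
    foreach ($rows as $row) {
        // explicit escape '' disables PHP's non-standard backslash escaping
        fputcsv($fh, array_map('strval', $row), ',', '"', '');
    }
    rewind($fh);
    return stream_get_contents($fh);
}

/** Hardened export: every cell is neutralised before fputcsv() quotes it. */
function export_csv_safe(array $rows): string
{
    $fh = fopen('php://memory', 'w+');
    foreach ($rows as $row) {
        fputcsv($fh, array_map('neutralise_cell', array_map('strval', $row)), ',', '"', '');
    }
    rewind($fh);
    return stream_get_contents($fh);
}

// Constructed submissions, not real data. Rows 2 and 3 carry the kind of
// payloads seen in CSV injection reports; row 4 shows the known side effect
// (a negative number is quoted too).
$submissions = [
    ['name' => 'Alice',               'message' => 'Hello'],
    ['name' => "=cmd|' /C calc'!A0",  'message' => '+HYPERLINK("https://attacker.example","click")'],
    ['name' => "\t=1+1",              'message' => '@SUM(1,1)'],
    ['name' => 'Bob',                 'message' => '-42'],
];

echo "--- unsafe ---\n", export_csv_unsafe($submissions);
echo "--- safe ---\n",   export_csv_safe($submissions);
```

The single-quote prefix is the common mitigation and has the side effect shown in the last row: negative numbers and phone numbers written with a leading + are exported as text. If that matters, neutralise only free-text fields, and in any case treat the spreadsheet-side protections (prompting before DDE and external links) as a second layer rather than the fix.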
cve-2024-12238
Vulnerability from cvelistv5
Published
2024-12-29 05:22
Modified
2024-12-31 17:03
Summary
The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.8.22. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes.
References
URL | Tags
---|---
https://www.wordfence.com/threat-intel/vulnerabilities/id/524a2143-b15f-4edc-98de-dafef4c5bc00?source=cve |
https://plugins.trac.wordpress.org/browser/ninja-forms/tags/3.8.20/includes/Display/Preview.php#L68 |
Impacted products
Vendor | Product | Version
---|---|---
kstover | Ninja Forms – The Contact Form Builder That Grows With You | ≤ 3.8.22
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-12238", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-31T17:03:23.587901Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-31T17:03:31.881Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Ninja Forms – The Contact Form Builder That Grows With You", vendor: "kstover", versions: [ { lessThanOrEqual: "3.8.22", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Michael Mazzolini", }, ], descriptions: [ { lang: "en", value: "The The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.8.22. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. 
This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-94", description: "CWE-94 Improper Control of Generation of Code ('Code Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-29T05:22:53.627Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/524a2143-b15f-4edc-98de-dafef4c5bc00?source=cve", }, { url: "https://plugins.trac.wordpress.org/browser/ninja-forms/tags/3.8.20/includes/Display/Preview.php#L68", }, ], timeline: [ { lang: "en", time: "2024-12-02T00:00:00.000+00:00", value: "Discovered", }, { lang: "en", time: "2024-12-28T16:21:38.000+00:00", value: "Disclosed", }, ], title: "Ninja Forms – The Contact Form Builder That Grows With You <= 3.8.22 - Authenticated (Subscriber+) Arbitrary Shortcode Execution", }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2024-12238", datePublished: "2024-12-29T05:22:53.627Z", dateReserved: "2024-12-05T12:01:07.636Z", dateUpdated: "2024-12-31T17:03:31.881Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-26019
Vulnerability from cvelistv5
Published
2024-04-11 02:29
Modified
2024-11-25 18:26
Summary
Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in submit processing. If this vulnerability is exploited, an arbitrary script may be executed in the web browser of a user who is accessing the website using the product.
References
URL | Tags
---|---
https://wordpress.org/plugins/ninja-forms/ |
https://ninjaforms.com/ |
https://jvn.jp/en/jp/JVN50361500/ |
Impacted products
Vendor | Product | Version
---|---|---
Saturday Drive | Ninja Forms | prior to 3.8.1
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2024-26019", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-29T18:33:58.137329Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-25T18:26:52.358Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T23:59:31.097Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/", }, { tags: [ "x_transferred", ], url: "https://ninjaforms.com/", }, { tags: [ "x_transferred", ], url: "https://jvn.jp/en/jp/JVN50361500/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ninja Forms", vendor: "Saturday Drive", versions: [ { status: "affected", version: "prior to 3.8.1", }, ], }, ], descriptions: [ { lang: "en", value: "Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in submit processing. 
If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing to the website using the product.", }, ], problemTypes: [ { descriptions: [ { description: "Cross-site scripting (XSS)", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-04-11T02:29:26.514Z", orgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", shortName: "jpcert", }, references: [ { url: "https://wordpress.org/plugins/ninja-forms/", }, { url: "https://ninjaforms.com/", }, { url: "https://jvn.jp/en/jp/JVN50361500/", }, ], }, }, cveMetadata: { assignerOrgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", assignerShortName: "jpcert", cveId: "CVE-2024-26019", datePublished: "2024-04-11T02:29:26.514Z", dateReserved: "2024-03-27T23:39:29.021Z", dateUpdated: "2024-11-25T18:26:52.358Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-2220
Vulnerability from cvelistv5
Published
2015-03-05 16:00
Modified
2024-08-06 05:10
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the Ninja Forms plugin before 2.8.9 for WordPress allow (1) remote attackers to inject arbitrary web script or HTML via the ninja_forms_field_1 parameter in a ninja_forms_ajax_submit action to wp-admin/admin-ajax.php or (2) remote administrators to inject arbitrary web script or HTML via the fields[1] parameter to wp-admin/post.php.
References
URL | Tags
---|---
http://www.securityfocus.com/bid/74857 | vdb-entry, x_refsource_BID
http://www.securityfocus.com/archive/1/534687/100/0/threaded | mailing-list, x_refsource_BUGTRAQ
https://wordpress.org/plugins/ninja-forms/changelog/ | x_refsource_MISC
http://packetstormsecurity.com/files/130369/WordPress-Ninja-Forms-2.8.8-Cross-Site-Scripting.html | x_refsource_MISC
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:10:14.444Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "74857", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74857", }, { name: "20150211 Ninja Forms WordPress Plugin Multiple Cross-Site Scripting Vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/534687/100/0/threaded", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/changelog/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/130369/WordPress-Ninja-Forms-2.8.8-Cross-Site-Scripting.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-02-11T00:00:00", descriptions: [ { lang: "en", value: "Multiple cross-site scripting (XSS) vulnerabilities in the Ninja Forms plugin before 2.8.9 for WordPress allow (1) remote attackers to inject arbitrary web script or HTML via the ninja_forms_field_1 parameter in a ninja_forms_ajax_submit action to wp-admin/admin-ajax.php or (2) remote administrators to inject arbitrary web script or HTML via the fields[1] parameter to wp-admin/post.php.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "74857", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74857", }, { name: "20150211 Ninja Forms WordPress Plugin Multiple Cross-Site Scripting Vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/534687/100/0/threaded", }, { tags: [ 
"x_refsource_MISC", ], url: "https://wordpress.org/plugins/ninja-forms/changelog/", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/130369/WordPress-Ninja-Forms-2.8.8-Cross-Site-Scripting.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-2220", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple cross-site scripting (XSS) vulnerabilities in the Ninja Forms plugin before 2.8.9 for WordPress allow (1) remote attackers to inject arbitrary web script or HTML via the ninja_forms_field_1 parameter in a ninja_forms_ajax_submit action to wp-admin/admin-ajax.php or (2) remote administrators to inject arbitrary web script or HTML via the fields[1] parameter to wp-admin/post.php.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "74857", refsource: "BID", url: "http://www.securityfocus.com/bid/74857", }, { name: "20150211 Ninja Forms WordPress Plugin Multiple Cross-Site Scripting Vulnerability", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/534687/100/0/threaded", }, { name: "https://wordpress.org/plugins/ninja-forms/changelog/", refsource: "MISC", url: "https://wordpress.org/plugins/ninja-forms/changelog/", }, { name: "http://packetstormsecurity.com/files/130369/WordPress-Ninja-Forms-2.8.8-Cross-Site-Scripting.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/130369/WordPress-Ninja-Forms-2.8.8-Cross-Site-Scripting.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-2220", datePublished: 
"2015-03-05T16:00:00", dateReserved: "2015-03-05T00:00:00", dateUpdated: "2024-08-06T05:10:14.444Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-38393
Vulnerability from cvelistv5
Published
2024-06-19 14:15
Modified
2024-08-02 17:39
Summary
Missing Authorization vulnerability in Saturday Drive Ninja Forms. This issue affects Ninja Forms: from n/a through 3.6.25.
References
Impacted products
Vendor | Product | Version
---|---|---
Saturday Drive | Ninja Forms | n/a <
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:ninjaforma:ninja_forms:*:*:*:*:*:wordpress:*:*", ], defaultStatus: "unknown", product: "ninja_forms", vendor: "ninjaforma", versions: [ { lessThanOrEqual: "3.6.25", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-38393", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-20T18:06:02.143681Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-20T18:08:32.516Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T17:39:13.431Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vdb-entry", "x_transferred", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-subscriber-broken-access-control-vulnerability?_s_id=cve", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", packageName: "ninja-forms", product: "Ninja Forms", vendor: "Saturday Drive", versions: [ { changes: [ { at: "3.6.26", status: "unaffected", }, ], lessThanOrEqual: "3.6.25", status: "affected", version: "n/a", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Rafie Muhammad (Patchstack)", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Missing Authorization vulnerability in Saturday Drive Ninja Forms.<p>This issue affects Ninja Forms: from n/a through 3.6.25.</p>", }, ], value: "Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25.", }, ], metrics: [ { cvssV3_1: { 
attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-19T14:15:38.656Z", orgId: "21595511-bba5-4825-b968-b78d1f9984a3", shortName: "Patchstack", }, references: [ { tags: [ "vdb-entry", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-subscriber-broken-access-control-vulnerability?_s_id=cve", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Update to 3.6.26 or a higher version.", }, ], value: "Update to 3.6.26 or a higher version.", }, ], source: { discovery: "EXTERNAL", }, title: "WordPress Ninja Forms plugin <= 3.6.25 - Subscriber+ Broken Access Control vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3", assignerShortName: "Patchstack", cveId: "CVE-2023-38393", datePublished: "2024-06-19T14:15:38.656Z", dateReserved: "2023-07-17T15:22:13.926Z", dateUpdated: "2024-08-02T17:39:13.431Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-2108
Vulnerability from cvelistv5
Published
2024-03-29 06:44
Modified
2024-08-01 19:03
Summary
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an image title embedded into a form in all versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
Vendor | Product | Version
---|---|---
kstover | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | * ≤ 3.8.0
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-2108", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-03-29T13:46:18.898240Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:29:56.360Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T19:03:39.053Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/6a6eb430-cf86-4e13-a4f7-173fada9fddf?source=cve", }, { tags: [ "x_transferred", ], url: "https://plugins.trac.wordpress.org/changeset/3059780/ninja-forms/tags/3.8.1/includes/Fields/ListImage.php", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", vendor: "kstover", versions: [ { lessThanOrEqual: "3.8.0", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Tim Coen", }, ], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an image title embedded into a form in all versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. 
This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, ], metrics: [ { cvssV3_1: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2024-03-29T06:44:00.618Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/6a6eb430-cf86-4e13-a4f7-173fada9fddf?source=cve", }, { url: "https://plugins.trac.wordpress.org/changeset/3059780/ninja-forms/tags/3.8.1/includes/Fields/ListImage.php", }, ], timeline: [ { lang: "en", time: "2024-03-28T00:00:00.000+00:00", value: "Disclosed", }, ], }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2024-2108", datePublished: "2024-03-29T06:44:00.618Z", dateReserved: "2024-03-01T18:34:17.648Z", dateUpdated: "2024-08-01T19:03:39.053Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-25572
Vulnerability from cvelistv5
Published
2024-04-11 02:29
Modified
2025-03-13 14:52
Summary
Cross-site request forgery (CSRF) vulnerability exists in Ninja Forms prior to 3.4.31. If a website administrator views a malicious page while logging in, unintended operations may be performed.
References
Impacted products
Vendor | Product | Version
---|---|---
Saturday Drive | Ninja Forms | prior to 3.4.31
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:saturday_drive:ninja_forms:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ninja_forms", vendor: "saturday_drive", versions: [ { lessThan: "3.4.31", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-25572", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-06-26T15:58:04.208149Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-352", description: "CWE-352 Cross-Site Request Forgery (CSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-13T14:52:08.346Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T23:44:09.636Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/", }, { tags: [ "x_transferred", ], url: "https://ninjaforms.com/", }, { tags: [ "x_transferred", ], url: "https://jvn.jp/en/jp/JVN50361500/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ninja Forms", vendor: "Saturday Drive", versions: [ { status: "affected", version: "prior to 3.4.31", }, ], }, ], descriptions: [ { lang: "en", value: "Cross-site request forgery (CSRF) vulnerability exists in Ninja Forms prior to 3.4.31. 
If a website administrator views a malicious page while logging in, unintended operations may be performed.", }, ], problemTypes: [ { descriptions: [ { description: "Cross-site request forgery (CSRF)", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-04-11T02:29:38.560Z", orgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", shortName: "jpcert", }, references: [ { url: "https://wordpress.org/plugins/ninja-forms/", }, { url: "https://ninjaforms.com/", }, { url: "https://jvn.jp/en/jp/JVN50361500/", }, ], }, }, cveMetadata: { assignerOrgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", assignerShortName: "jpcert", cveId: "CVE-2024-25572", datePublished: "2024-04-11T02:29:38.560Z", dateReserved: "2024-03-27T23:39:30.008Z", dateUpdated: "2025-03-13T14:52:08.346Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-2903
Vulnerability from cvelistv5
Published
2022-09-26 12:35
Modified
2024-08-03 00:53
Summary
The Ninja Forms Contact Form WordPress plugin before 3.6.13 unserialises the content of an imported file, which could lead to PHP object injection issues when an admin imports (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.
References
URL | Tags
---|---
https://wpscan.com/vulnerability/255b98ba-5da9-4424-a7e9-c438d8905864 | x_refsource_MISC
Impacted products
Vendor | Product | Version
---|---|---
Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 3.6.13 < 3.6.13
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:53:00.439Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wpscan.com/vulnerability/255b98ba-5da9-4424-a7e9-c438d8905864", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", vendor: "Unknown", versions: [ { lessThan: "3.6.13", status: "affected", version: "3.6.13", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Alessio Santoru", }, ], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form WordPress plugin before 3.6.13 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-26T12:35:34", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wpscan.com/vulnerability/255b98ba-5da9-4424-a7e9-c438d8905864", }, ], source: { discovery: "EXTERNAL", }, title: "NinjaForms < 3.6.13 - Admin+ PHP Objection Injection", x_generator: "WPScan CVE Generator", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "contact@wpscan.com", ID: "CVE-2022-2903", STATE: "PUBLIC", TITLE: "NinjaForms < 3.6.13 - Admin+ PHP Objection Injection", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", version: { version_data: [ { version_affected: "<", version_name: "3.6.13", version_value: "3.6.13", }, ], }, }, ], }, vendor_name: "Unknown", }, ], }, }, credit: [ { lang: "eng", 
value: "Alessio Santoru", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Ninja Forms Contact Form WordPress plugin before 3.6.13 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.", }, ], }, generator: "WPScan CVE Generator", problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-502 Deserialization of Untrusted Data", }, ], }, ], }, references: { reference_data: [ { name: "https://wpscan.com/vulnerability/255b98ba-5da9-4424-a7e9-c438d8905864", refsource: "MISC", url: "https://wpscan.com/vulnerability/255b98ba-5da9-4424-a7e9-c438d8905864", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2022-2903", datePublished: "2022-09-26T12:35:34", dateReserved: "2022-08-19T00:00:00", dateUpdated: "2024-08-03T00:53:00.439Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-37934
Vulnerability from cvelistv5
Published
2024-07-09 12:22
Modified
2024-08-02 04:04
Summary
Improper Control of Generation of Code ('Code Injection') vulnerability in Saturday Drive Ninja Forms allows Code Injection. This issue affects Ninja Forms: from n/a through 3.8.4.
References
Impacted products
Vendor | Product | Version
---|---|---
Saturday Drive | Ninja Forms | n/a <
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-37934", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-09T13:20:25.762724Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-09T13:20:31.335Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T04:04:24.406Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vdb-entry", "x_transferred", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-8-4-subscriber-arbitrary-shortcode-execution-vulnerability?_s_id=cve", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", packageName: "ninja-forms", product: "Ninja Forms", vendor: "Saturday Drive", versions: [ { changes: [ { at: "3.8.5", status: "unaffected", }, ], lessThanOrEqual: "3.8.4", status: "affected", version: "n/a", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Rafie Muhammad (Patchstack)", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Improper Control of Generation of Code ('Code Injection') vulnerability in Saturday Drive Ninja Forms allows Code Injection.<p>This issue affects Ninja Forms: from n/a through 3.8.4.</p>", }, ], value: "Improper Control of Generation of Code ('Code Injection') vulnerability in Saturday Drive Ninja Forms allows Code Injection.This issue affects Ninja Forms: from n/a through 3.8.4.", }, ], impacts: [ { capecId: "CAPEC-242", descriptions: [ { lang: "en", value: "CAPEC-242 Code Injection", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: 
"NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-94", description: "CWE-94 Improper Control of Generation of Code ('Code Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-09T12:22:20.040Z", orgId: "21595511-bba5-4825-b968-b78d1f9984a3", shortName: "Patchstack", }, references: [ { tags: [ "vdb-entry", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-8-4-subscriber-arbitrary-shortcode-execution-vulnerability?_s_id=cve", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Update to 3.8.5 or a higher version.", }, ], value: "Update to 3.8.5 or a higher version.", }, ], source: { discovery: "EXTERNAL", }, title: "WordPress Ninja Forms plugin <= 3.8.4 - Subscriber+ Arbitrary Shortcode Execution vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3", assignerShortName: "Patchstack", cveId: "CVE-2024-37934", datePublished: "2024-07-09T12:22:20.040Z", dateReserved: "2024-06-10T21:14:12.906Z", dateUpdated: "2024-08-02T04:04:24.406Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-24164
Vulnerability from cvelistv5
Published
2021-04-05 18:27
Modified
2024-08-03 19:21
Summary
In the Ninja Forms Contact Form WordPress plugin before 3.4.34.1, low-level users, such as subscribers, were able to trigger the action, wp_ajax_nf_oauth, and retrieve the connection url needed to establish a connection. They could also retrieve the client_id for an already established OAuth connection.
References
Impacted products
Vendor | Product | Version
---|---|---
Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 3.4.34.1 < 3.4.34.1
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:21:18.626Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://wpscan.com/vulnerability/dfa32afa-c6de-4237-a9f2-709843dcda89", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", vendor: "Unknown", versions: [ { lessThan: "3.4.34.1", status: "affected", version: "3.4.34.1", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Chloe Chamberland", }, ], descriptions: [ { lang: "en", value: "In the Ninja Forms Contact Form WordPress plugin before 3.4.34.1, low-level users, such as subscribers, were able to trigger the action, wp_ajax_nf_oauth, and retrieve the connection url needed to establish a connection. 
They could also retrieve the client_id for an already established OAuth connection.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-05T18:27:43", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://wpscan.com/vulnerability/dfa32afa-c6de-4237-a9f2-709843dcda89", }, ], source: { discovery: "UNKNOWN", }, title: "Ninja Forms < 3.4.34.1 - Authenticated OAuth Connection Key Disclosure", x_generator: "WPScan CVE Generator", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "contact@wpscan.com", ID: "CVE-2021-24164", STATE: "PUBLIC", TITLE: "Ninja Forms < 3.4.34.1 - Authenticated OAuth Connection Key Disclosure", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", version: { version_data: [ { version_affected: "<", version_name: "3.4.34.1", version_value: "3.4.34.1", }, ], }, }, ], }, vendor_name: "Unknown", }, ], }, }, credit: [ { lang: "eng", value: "Chloe Chamberland", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In the Ninja Forms Contact Form WordPress plugin before 3.4.34.1, low-level users, such as subscribers, were able to trigger the action, wp_ajax_nf_oauth, and retrieve the connection url needed to establish a connection. 
They could also retrieve the client_id for an already established OAuth connection.", }, ], }, generator: "WPScan CVE Generator", problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", }, ], }, ], }, references: { reference_data: [ { name: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", refsource: "MISC", url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, { name: "https://wpscan.com/vulnerability/dfa32afa-c6de-4237-a9f2-709843dcda89", refsource: "CONFIRM", url: "https://wpscan.com/vulnerability/dfa32afa-c6de-4237-a9f2-709843dcda89", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2021-24164", datePublished: "2021-04-05T18:27:43", dateReserved: "2021-01-14T00:00:00", dateUpdated: "2024-08-03T19:21:18.626Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-36175
Vulnerability from cvelistv5
Published
2021-01-06 14:31
Modified
2024-08-04 17:23
Summary
The Ninja Forms plugin before 3.4.27.1 for WordPress allows attackers to bypass validation via the email field.
References
URL | Tags
---|---
https://wordpress.org/plugins/ninja-forms/#developers | x_refsource_MISC
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:23:09.284Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Ninja Forms plugin before 3.4.27.1 for WordPress allows attackers to bypass validation via the email field.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-01-06T14:31:54", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-36175", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Ninja Forms plugin before 3.4.27.1 for WordPress allows attackers to bypass validation via the email field.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://wordpress.org/plugins/ninja-forms/#developers", refsource: "MISC", url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-36175", datePublished: "2021-01-06T14:31:54", dateReserved: "2021-01-06T00:00:00", dateUpdated: "2024-08-04T17:23:09.284Z", 
state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-39628
Vulnerability from cvelistv5
Published
2024-08-26 20:58
Modified
2025-01-09 17:42
Summary
Cross-Site Request Forgery (CSRF) vulnerability in Saturday Drive Ninja Forms allows Cross Site Request Forgery. This issue affects Ninja Forms: from n/a through 3.8.6.
References
Impacted products
Vendor | Product | Version
---|---|---
Saturday Drive | Ninja Forms | n/a <

{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-39628", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-27T13:24:13.241923Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-09T17:42:04.960Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", packageName: "ninja-forms", product: "Ninja Forms", vendor: "Saturday Drive", versions: [ { changes: [ { at: "3.8.7", status: "unaffected", }, ], lessThanOrEqual: "3.8.6", status: "affected", version: "n/a", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Rafie Muhammad (Patchstack)", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Cross-Site Request Forgery (CSRF) vulnerability in Saturday Drive Ninja Forms allows Cross Site Request Forgery.<p>This issue affects Ninja Forms: from n/a through 3.8.6.</p>", }, ], value: "Cross-Site Request Forgery (CSRF) vulnerability in Saturday Drive Ninja Forms allows Cross Site Request Forgery.This issue affects Ninja Forms: from n/a through 3.8.6.", }, ], impacts: [ { capecId: "CAPEC-62", descriptions: [ { lang: "en", value: "CAPEC-62 Cross Site Request Forgery", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: 
"CWE-352", description: "CWE-352 Cross-Site Request Forgery (CSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-20T11:33:31.801Z", orgId: "21595511-bba5-4825-b968-b78d1f9984a3", shortName: "Patchstack", }, references: [ { tags: [ "vdb-entry", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-8-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Update to 3.8.7 or a higher version.", }, ], value: "Update to 3.8.7 or a higher version.", }, ], source: { discovery: "EXTERNAL", }, title: "WordPress Ninja Forms plugin <= 3.8.6 - Cross Site Request Forgery (CSRF) vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3", assignerShortName: "Patchstack", cveId: "CVE-2024-39628", datePublished: "2024-08-26T20:58:09.794Z", dateReserved: "2024-06-26T21:17:39.689Z", dateUpdated: "2025-01-09T17:42:04.960Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-9688
Vulnerability from cvelistv5
Published
2015-03-05 16:00
Modified
2024-09-16 20:06
Summary
Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users.
References
URL | Tags
---|---
https://wordpress.org/plugins/ninja-forms/changelog/ | x_refsource_CONFIRM

{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:55:04.604Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/changelog/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2015-03-05T16:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://wordpress.org/plugins/ninja-forms/changelog/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-9688", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://wordpress.org/plugins/ninja-forms/changelog/", refsource: "CONFIRM", url: "https://wordpress.org/plugins/ninja-forms/changelog/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-9688", datePublished: "2015-03-05T16:00:00Z", 
dateReserved: "2015-03-05T00:00:00Z", dateUpdated: "2024-09-16T20:06:50.052Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-1835
Vulnerability from cvelistv5
Published
2023-05-15 12:15
Modified
2025-01-14 18:17
Summary
The Ninja Forms Contact Form WordPress plugin before 3.6.22 does not properly escape user input before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
References
URL | Tags
---|---
https://wpscan.com/vulnerability/b5fc223c-5ec0-44b2-b2f6-b35f9942d341 | exploit, vdb-entry, technical-description

Impacted products
Vendor | Product | Version
---|---|---
Unknown | Ninja Forms Contact Form | 0 < 3.6.22

{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T06:05:26.714Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "exploit", "vdb-entry", "technical-description", "x_transferred", ], url: "https://wpscan.com/vulnerability/b5fc223c-5ec0-44b2-b2f6-b35f9942d341", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-1835", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-14T18:16:37.915483Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-14T18:17:11.781Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", product: "Ninja Forms Contact Form", vendor: "Unknown", versions: [ { lessThan: "3.6.22", status: "affected", version: "0", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Erwan LR (WPScan)", }, { lang: "en", type: "coordinator", value: "WPScan", }, ], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form WordPress plugin before 3.6.22 does not properly escape user input before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin", }, ], problemTypes: [ { descriptions: [ { description: "CWE-79 Cross-Site Scripting (XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: 
"2023-05-15T12:15:46.279Z", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "exploit", "vdb-entry", "technical-description", ], url: "https://wpscan.com/vulnerability/b5fc223c-5ec0-44b2-b2f6-b35f9942d341", }, ], source: { discovery: "EXTERNAL", }, title: "Ninja Forms < 3.6.22 - Reflected XSS", x_generator: { engine: "WPScan CVE Generator", }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2023-1835", datePublished: "2023-05-15T12:15:46.279Z", dateReserved: "2023-04-04T14:02:11.034Z", dateUpdated: "2025-01-14T18:17:11.781Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-20981
Vulnerability from cvelistv5
Published
2019-08-22 12:40
Modified
2024-08-05 12:19
Summary
The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests.
References
URL | Tags
---|---
https://wordpress.org/plugins/ninja-forms/#developers | x_refsource_MISC

{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T12:19:27.461Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-22T12:40:46", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-20981", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://wordpress.org/plugins/ninja-forms/#developers", refsource: "MISC", url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-20981", datePublished: "2019-08-22T12:40:46", 
dateReserved: "2019-08-21T00:00:00", dateUpdated: "2024-08-05T12:19:27.461Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-24163
Vulnerability from cvelistv5
Published
2021-04-05 18:27
Modified
2024-08-03 19:21
Summary
The AJAX action wp_ajax_ninja_forms_sendwp_remote_install_handler had neither a capability check nor nonce protection, making it possible for low-level users, such as subscribers, to install and activate the SendWP plugin and retrieve the client_secret key needed to establish the SendWP connection. This affects the Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin before 3.4.34.
References
Impacted products
Vendor | Product | Version
---|---|---
Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 3.4.34 < 3.4.34

{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:21:18.613Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://wpscan.com/vulnerability/55fde9fa-f6cd-4546-bee8-4acc628251c2", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", vendor: "Unknown", versions: [ { lessThan: "3.4.34", status: "affected", version: "3.4.34", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Chloe Chamberland", }, ], descriptions: [ { lang: "en", value: "The AJAX action, wp_ajax_ninja_forms_sendwp_remote_install_handler, did not have a capability check on it, nor did it have any nonce protection, therefore making it possible for low-level users, such as subscribers, to install and activate the SendWP Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 and retrieve the client_secret key needed to establish the SendWP connection while also installing the SendWP plugin.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-05T18:27:43", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://wpscan.com/vulnerability/55fde9fa-f6cd-4546-bee8-4acc628251c2", }, { tags: [ "x_refsource_MISC", ], url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, ], source: { discovery: "UNKNOWN", }, title: "Ninja Forms < 3.4.34 - 
Authenticated SendWP Plugin Installation and Client Secret Key Disclosure", x_generator: "WPScan CVE Generator", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "contact@wpscan.com", ID: "CVE-2021-24163", STATE: "PUBLIC", TITLE: "Ninja Forms < 3.4.34 - Authenticated SendWP Plugin Installation and Client Secret Key Disclosure", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", version: { version_data: [ { version_affected: "<", version_name: "3.4.34", version_value: "3.4.34", }, ], }, }, ], }, vendor_name: "Unknown", }, ], }, }, credit: [ { lang: "eng", value: "Chloe Chamberland", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The AJAX action, wp_ajax_ninja_forms_sendwp_remote_install_handler, did not have a capability check on it, nor did it have any nonce protection, therefore making it possible for low-level users, such as subscribers, to install and activate the SendWP Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 and retrieve the client_secret key needed to establish the SendWP connection while also installing the SendWP plugin.", }, ], }, generator: "WPScan CVE Generator", problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", }, ], }, ], }, references: { reference_data: [ { name: "https://wpscan.com/vulnerability/55fde9fa-f6cd-4546-bee8-4acc628251c2", refsource: "CONFIRM", url: "https://wpscan.com/vulnerability/55fde9fa-f6cd-4546-bee8-4acc628251c2", }, { name: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", refsource: "MISC", url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, ], }, 
source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2021-24163", datePublished: "2021-04-05T18:27:43", dateReserved: "2021-01-14T00:00:00", dateUpdated: "2024-08-03T19:21:18.613Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-11052
Vulnerability from cvelistv5
Published
2024-12-12 05:24
Modified
2024-12-12 15:46
Summary
The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the calculations parameter in all versions up to, and including, 3.8.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
Vendor | Product | Version
---|---|---
kstover | Ninja Forms – The Contact Form Builder That Grows With You | * ≤ 3.8.19

{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-11052", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-12T15:35:50.540237Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-12T15:46:09.581Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Ninja Forms – The Contact Form Builder That Grows With You", vendor: "kstover", versions: [ { lessThanOrEqual: "3.8.19", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Michael Mazzolini", }, ], descriptions: [ { lang: "en", value: "The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the calculations parameter in all versions up to, and including, 3.8.19 due to insufficient input sanitization and output escaping. 
This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-12T05:24:24.004Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/c3adf367-0126-4d95-b337-cc3581975113?source=cve", }, { url: "https://plugins.trac.wordpress.org/browser/ninja-forms/tags/3.8.18/includes/Admin/Metaboxes/Calculations.php#L26", }, ], timeline: [ { lang: "en", time: "2024-11-07T00:00:00.000+00:00", value: "Discovered", }, { lang: "en", time: "2024-12-11T16:24:17.000+00:00", value: "Disclosed", }, ], title: "Ninja Forms – The Contact Form Builder That Grows With You <= 3.8.19 - Unauthenticated Stored Cross-Site Scripting via Form Calculations", }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2024-11052", datePublished: "2024-12-12T05:24:24.004Z", dateReserved: "2024-11-09T18:33:27.725Z", dateUpdated: "2024-12-12T15:46:09.581Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-1209
Vulnerability from cvelistv5
Published
2016-05-14 15:00
Modified
2024-08-05 22:48
Summary
The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request.
References
URL | Tags
---|---
https://wordpress.org/plugins/ninja-forms/changelog/ | x_refsource_CONFIRM
https://wpvulndb.com/vulnerabilities/8485 | x_refsource_MISC
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000064 | third-party-advisory, x_refsource_JVNDB
https://ninjaforms.com/important-security-update-always-hurt-ones-love/ | x_refsource_CONFIRM
http://www.rapid7.com/db/modules/exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload | x_refsource_MISC
http://packetstormsecurity.com/files/137211/WordPress-Ninja-Forms-Unauthenticated-File-Upload.html | x_refsource_MISC
http://jvn.jp/en/jp/JVN44657371/index.html | third-party-advisory, x_refsource_JVN
http://www.pritect.net/blog/ninja-forms-2-9-42-critical-security-vulnerabilities | x_refsource_MISC

{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:48:13.521Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/changelog/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wpvulndb.com/vulnerabilities/8485", }, { name: "JVNDB-2016-000064", tags: [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000064", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://ninjaforms.com/important-security-update-always-hurt-ones-love/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.rapid7.com/db/modules/exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/137211/WordPress-Ninja-Forms-Unauthenticated-File-Upload.html", }, { name: "JVN#44657371", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN44657371/index.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.pritect.net/blog/ninja-forms-2-9-42-critical-security-vulnerabilities", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-11T00:00:00", descriptions: [ { lang: "en", value: "The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-06-16T16:57:01", orgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", shortName: "jpcert", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: 
"https://wordpress.org/plugins/ninja-forms/changelog/", }, { tags: [ "x_refsource_MISC", ], url: "https://wpvulndb.com/vulnerabilities/8485", }, { name: "JVNDB-2016-000064", tags: [ "third-party-advisory", "x_refsource_JVNDB", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000064", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://ninjaforms.com/important-security-update-always-hurt-ones-love/", }, { tags: [ "x_refsource_MISC", ], url: "http://www.rapid7.com/db/modules/exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/137211/WordPress-Ninja-Forms-Unauthenticated-File-Upload.html", }, { name: "JVN#44657371", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN44657371/index.html", }, { tags: [ "x_refsource_MISC", ], url: "http://www.pritect.net/blog/ninja-forms-2-9-42-critical-security-vulnerabilities", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "vultures@jpcert.or.jp", ID: "CVE-2016-1209", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://wordpress.org/plugins/ninja-forms/changelog/", refsource: "CONFIRM", url: "https://wordpress.org/plugins/ninja-forms/changelog/", }, { name: "https://wpvulndb.com/vulnerabilities/8485", refsource: "MISC", url: "https://wpvulndb.com/vulnerabilities/8485", }, { name: "JVNDB-2016-000064", refsource: "JVNDB", 
url: "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000064", }, { name: "https://ninjaforms.com/important-security-update-always-hurt-ones-love/", refsource: "CONFIRM", url: "https://ninjaforms.com/important-security-update-always-hurt-ones-love/", }, { name: "http://www.rapid7.com/db/modules/exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload", refsource: "MISC", url: "http://www.rapid7.com/db/modules/exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload", }, { name: "http://packetstormsecurity.com/files/137211/WordPress-Ninja-Forms-Unauthenticated-File-Upload.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/137211/WordPress-Ninja-Forms-Unauthenticated-File-Upload.html", }, { name: "JVN#44657371", refsource: "JVN", url: "http://jvn.jp/en/jp/JVN44657371/index.html", }, { name: "http://www.pritect.net/blog/ninja-forms-2-9-42-critical-security-vulnerabilities", refsource: "MISC", url: "http://www.pritect.net/blog/ninja-forms-2-9-42-critical-security-vulnerabilities", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", assignerShortName: "jpcert", cveId: "CVE-2016-1209", datePublished: "2016-05-14T15:00:00", dateReserved: "2015-12-26T00:00:00", dateUpdated: "2024-08-05T22:48:13.521Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34647
Vulnerability from cvelistv5
Published
2021-09-22 17:53
Modified
2025-03-31 18:12
Summary
The Ninja Forms WordPress plugin is vulnerable to sensitive information disclosure via the bulk_export_submissions function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5.7. This allows authenticated attackers to export all Ninja Forms submissions data via the /ninja-forms-submissions/export REST API which can include personally identifiable information.
References
Impacted products
Vendor | Product | Version
---|---|---
Saturday Drive | Ninja Forms | 3.5.7 <

{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:19:47.750Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninja-forms-plugin-affects-over-1-million-site-owners/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/Submissions.php?rev=2543837#L107", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-34647", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-31T18:12:30.799557Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-31T18:12:36.488Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Ninja Forms", vendor: "Saturday Drive", versions: [ { lessThanOrEqual: "3.5.7", status: "affected", version: "3.5.7", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Chloe Chamberland, Wordfence", }, ], datePublic: "2021-09-22T00:00:00.000Z", descriptions: [ { lang: "en", value: "The Ninja Forms WordPress plugin is vulnerable to sensitive information disclosure via the bulk_export_submissions function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5.7. 
This allows authenticated attackers to export all Ninja Forms submissions data via the /ninja-forms-submissions/export REST API which can include personally identifiable information.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-863", description: "CWE-863 Incorrect Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-22T17:53:18.000Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninja-forms-plugin-affects-over-1-million-site-owners/", }, { tags: [ "x_refsource_MISC", ], url: "https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/Submissions.php?rev=2543837#L107", }, ], solutions: [ { lang: "en", value: "Update to version 3.5.8 or newer.", }, ], source: { discovery: "INTERNAL", }, title: "Ninja Forms <= 3.5.7 Sensitive Information Disclosure", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { AKA: "Wordfence", ASSIGNER: "security@wordfence.com", DATE_PUBLIC: "2021-09-22T15:21:00.000Z", ID: "CVE-2021-34647", STATE: "PUBLIC", TITLE: "Ninja Forms <= 3.5.7 Sensitive Information Disclosure", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ninja Forms", version: { version_data: [ { version_affected: "<=", version_name: "3.5.7", version_value: "3.5.7", }, ], }, }, ], }, vendor_name: "Saturday Drive", }, ], }, }, credit: [ { lang: "eng", value: "Chloe Chamberland, Wordfence", }, ], data_format: "MITRE", data_type: "CVE", 
data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Ninja Forms WordPress plugin is vulnerable to sensitive information disclosure via the bulk_export_submissions function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5.7. This allows authenticated attackers to export all Ninja Forms submissions data via the /ninja-forms-submissions/export REST API which can include personally identifiable information.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-863 Incorrect Authorization", }, ], }, ], }, references: { reference_data: [ { name: "https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninja-forms-plugin-affects-over-1-million-site-owners/", refsource: "MISC", url: "https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninja-forms-plugin-affects-over-1-million-site-owners/", }, { name: "https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/Submissions.php?rev=2543837#L107", refsource: "MISC", url: "https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/Submissions.php?rev=2543837#L107", }, ], }, solution: [ { lang: "en", value: "Update to version 3.5.8 or newer.", }, ], source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2021-34647", datePublished: "2021-09-22T17:53:18.503Z", dateReserved: "2021-06-10T00:00:00.000Z", dateUpdated: "2025-03-31T18:12:36.488Z", state: "PUBLISHED", 
}, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-36173
Vulnerability from cvelistv5
Published
2021-01-06 14:32
Modified
2024-08-04 17:23
Summary
The Ninja Forms plugin before 3.4.28 for WordPress lacks escaping for submissions-table fields.
References
URL | Tags |
---|---|
https://wordpress.org/plugins/ninja-forms/#developers | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:23:09.454Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Ninja Forms plugin before 3.4.28 for WordPress lacks escaping for submissions-table fields.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-01-06T14:32:07", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-36173", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Ninja Forms plugin before 3.4.28 for WordPress lacks escaping for submissions-table fields.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://wordpress.org/plugins/ninja-forms/#developers", refsource: "MISC", url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-36173", datePublished: "2021-01-06T14:32:07", dateReserved: "2021-01-06T00:00:00", dateUpdated: "2024-08-04T17:23:09.454Z", state: "PUBLISHED", }, dataType: 
"CVE_RECORD", dataVersion: "5.1", }
cve-2021-24889
Vulnerability from cvelistv5
Published
2021-11-29 08:25
Modified
2024-08-03 19:49
Summary
The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields POST parameter, which could allow high privilege users to perform SQL injection attacks.
References
URL | Tags |
---|---|
https://wpscan.com/vulnerability/55008a42-eb56-436c-bce0-10ee616d0495 | x_refsource_MISC |
Impacted products
Vendor | Product | Version |
---|---|---|
Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 3.6.4 < 3.6.4 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:49:13.490Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wpscan.com/vulnerability/55008a42-eb56-436c-bce0-10ee616d0495", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", vendor: "Unknown", versions: [ { lessThan: "3.6.4", status: "affected", version: "3.6.4", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "JrXnm", }, ], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields POST parameter, which could allow high privilege users to perform SQL injections attacks", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-89", description: "CWE-89 SQL Injection", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-29T08:25:45", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wpscan.com/vulnerability/55008a42-eb56-436c-bce0-10ee616d0495", }, ], source: { discovery: "EXTERNAL", }, title: "Ninja Forms < 3.6.4 - Admin+ SQL Injection", x_generator: "WPScan CVE Generator", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "contact@wpscan.com", ID: "CVE-2021-24889", STATE: "PUBLIC", TITLE: "Ninja Forms < 3.6.4 - Admin+ SQL Injection", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", version: { version_data: [ { version_affected: "<", version_name: "3.6.4", version_value: "3.6.4", }, ], }, }, ], }, vendor_name: "Unknown", }, ], }, }, credit: [ { lang: "eng", value: "JrXnm", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The 
Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields POST parameter, which could allow high privilege users to perform SQL injections attacks", }, ], }, generator: "WPScan CVE Generator", problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-89 SQL Injection", }, ], }, ], }, references: { reference_data: [ { name: "https://wpscan.com/vulnerability/55008a42-eb56-436c-bce0-10ee616d0495", refsource: "MISC", url: "https://wpscan.com/vulnerability/55008a42-eb56-436c-bce0-10ee616d0495", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2021-24889", datePublished: "2021-11-29T08:25:45", dateReserved: "2021-01-14T00:00:00", dateUpdated: "2024-08-03T19:49:13.490Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-43999
Vulnerability from cvelistv5
Published
2024-09-17 23:14
Modified
2024-09-18 14:35
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS. This issue affects Ninja Forms: from n/a through 3.8.11.
References
Impacted products
Vendor | Product | Version |
---|---|---|
Saturday Drive | Ninja Forms | n/a < |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-43999", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-18T14:01:17.971717Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-18T14:35:38.524Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", packageName: "ninja-forms", product: "Ninja Forms", vendor: "Saturday Drive", versions: [ { changes: [ { at: "3.8.12", status: "unaffected", }, ], lessThanOrEqual: "3.8.11", status: "affected", version: "n/a", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Joel Indra (Patchstack Alliance)", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS.<p>This issue affects Ninja Forms: from n/a through 3.8.11.</p>", }, ], value: "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a through 3.8.11.", }, ], impacts: [ { capecId: "CAPEC-592", descriptions: [ { lang: "en", value: "CAPEC-592 Stored XSS", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: 
"GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-17T23:14:18.954Z", orgId: "21595511-bba5-4825-b968-b78d1f9984a3", shortName: "Patchstack", }, references: [ { tags: [ "vdb-entry", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-8-11-cross-site-scripting-xss-vulnerability?_s_id=cve", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Update to 3.8.12 or a higher version.", }, ], value: "Update to 3.8.12 or a higher version.", }, ], source: { discovery: "EXTERNAL", }, title: "WordPress Ninja Forms plugin <= 3.8.11 - Cross Site Scripting (XSS) vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3", assignerShortName: "Patchstack", cveId: "CVE-2024-43999", datePublished: "2024-09-17T23:14:18.954Z", dateReserved: "2024-08-18T21:57:37.333Z", dateUpdated: "2024-09-18T14:35:38.524Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-25066
Vulnerability from cvelistv5
Published
2022-07-04 13:05
Modified
2024-08-03 19:56
Summary
The Ninja Forms Contact Form WordPress plugin before 3.6.10 does not sanitize and escape some imported data, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
References
URL | Tags |
---|---|
https://wpscan.com/vulnerability/323d5fd0-abe8-44ef-9127-eea6fd4f3f3d | x_refsource_MISC |
Impacted products
Vendor | Product | Version |
---|---|---|
Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 3.6.10 < 3.6.10 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:56:09.479Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wpscan.com/vulnerability/323d5fd0-abe8-44ef-9127-eea6fd4f3f3d", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", vendor: "Unknown", versions: [ { lessThan: "3.6.10", status: "affected", version: "3.6.10", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Muhammad Adel", }, ], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form WordPress plugin before 3.6.10 does not sanitize and escape some imported data, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Cross-site Scripting (XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-04T13:05:27", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wpscan.com/vulnerability/323d5fd0-abe8-44ef-9127-eea6fd4f3f3d", }, ], source: { discovery: "EXTERNAL", }, title: "Ninja Forms < 3.6.10 - Admin+ Stored Cross-Site Scripting via Import", x_generator: "WPScan CVE Generator", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "contact@wpscan.com", ID: "CVE-2021-25066", STATE: "PUBLIC", TITLE: "Ninja Forms < 3.6.10 - Admin+ Stored Cross-Site Scripting via Import", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", version: { version_data: [ { version_affected: "<", version_name: "3.6.10", version_value: "3.6.10", }, ], }, }, ], }, vendor_name: "Unknown", }, ], }, }, credit: [ { lang: "eng", value: 
"Muhammad Adel", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Ninja Forms Contact Form WordPress plugin before 3.6.10 does not sanitize and escape some imported data, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.", }, ], }, generator: "WPScan CVE Generator", problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79 Cross-site Scripting (XSS)", }, ], }, ], }, references: { reference_data: [ { name: "https://wpscan.com/vulnerability/323d5fd0-abe8-44ef-9127-eea6fd4f3f3d", refsource: "MISC", url: "https://wpscan.com/vulnerability/323d5fd0-abe8-44ef-9127-eea6fd4f3f3d", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2021-25066", datePublished: "2022-07-04T13:05:27", dateReserved: "2021-01-14T00:00:00", dateUpdated: "2024-08-03T19:56:09.479Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-24166
Vulnerability from cvelistv5
Published
2021-04-05 18:27
Modified
2024-08-03 19:21
Summary
The wp_ajax_nf_oauth_disconnect from the Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 had no nonce protection making it possible for attackers to craft a request to disconnect a site's OAuth connection.
References
Impacted products
Vendor | Product | Version |
---|---|---|
Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 3.4.34 < 3.4.34 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:21:18.612Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://wpscan.com/vulnerability/b531fb65-a8ff-4150-a9a1-2a62a3c00bd6", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", vendor: "Unknown", versions: [ { lessThan: "3.4.34", status: "affected", version: "3.4.34", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Chloe Chamberland", }, ], descriptions: [ { lang: "en", value: "The wp_ajax_nf_oauth_disconnect from the Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 had no nonce protection making it possible for attackers to craft a request to disconnect a site's OAuth connection.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-352", description: "CWE-352 Cross-Site Request Forgery (CSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-05T18:27:43", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://wpscan.com/vulnerability/b531fb65-a8ff-4150-a9a1-2a62a3c00bd6", }, ], source: { discovery: "UNKNOWN", }, title: "Ninja Forms < 3.4.34 - CSRF to OAuth Service Disconnection", x_generator: "WPScan CVE Generator", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "contact@wpscan.com", ID: "CVE-2021-24166", STATE: "PUBLIC", TITLE: "Ninja Forms < 3.4.34 - CSRF to OAuth Service 
Disconnection", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", version: { version_data: [ { version_affected: "<", version_name: "3.4.34", version_value: "3.4.34", }, ], }, }, ], }, vendor_name: "Unknown", }, ], }, }, credit: [ { lang: "eng", value: "Chloe Chamberland", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The wp_ajax_nf_oauth_disconnect from the Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 had no nonce protection making it possible for attackers to craft a request to disconnect a site's OAuth connection.", }, ], }, generator: "WPScan CVE Generator", problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-352 Cross-Site Request Forgery (CSRF)", }, ], }, ], }, references: { reference_data: [ { name: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", refsource: "MISC", url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, { name: "https://wpscan.com/vulnerability/b531fb65-a8ff-4150-a9a1-2a62a3c00bd6", refsource: "CONFIRM", url: "https://wpscan.com/vulnerability/b531fb65-a8ff-4150-a9a1-2a62a3c00bd6", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2021-24166", datePublished: "2021-04-05T18:27:43", dateReserved: "2021-01-14T00:00:00", dateUpdated: "2024-08-03T19:21:18.612Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-35909
Vulnerability from cvelistv5
Published
2023-12-07 11:15
Modified
2024-08-02 16:37
Summary
Uncontrolled Resource Consumption vulnerability in Saturday Drive Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress leading to DoS. This issue affects Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress: from n/a through 3.6.25.
References
Impacted products
Vendor | Product | Version |
---|---|---|
Saturday Drive | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | n/a < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:37:40.041Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vdb-entry", "x_transferred", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-denial-of-service-attack-vulnerability?_s_id=cve", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", packageName: "ninja-forms", product: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", vendor: "Saturday Drive", versions: [ { changes: [ { at: "3.6.26", status: "unaffected", }, ], lessThanOrEqual: "3.6.25", status: "affected", version: "n/a", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "PetiteMais (Patchstack Alliance)", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Uncontrolled Resource Consumption vulnerability in Saturday Drive Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress leading to DoS.<p>This issue affects Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress: from n/a through 3.6.25.</p>", }, ], value: "Uncontrolled Resource Consumption vulnerability in Saturday Drive Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress leading to DoS.This issue affects Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress: from n/a through 3.6.25.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { 
lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-07T11:15:26.945Z", orgId: "21595511-bba5-4825-b968-b78d1f9984a3", shortName: "Patchstack", }, references: [ { tags: [ "vdb-entry", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-denial-of-service-attack-vulnerability?_s_id=cve", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Update to 3.6.26 or a higher version.", }, ], value: "Update to 3.6.26 or a higher version.", }, ], source: { discovery: "EXTERNAL", }, title: "WordPress Ninja Forms Plugin <= 3.6.25 is vulnerable to Denial of Service Attack", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3", assignerShortName: "Patchstack", cveId: "CVE-2023-35909", datePublished: "2023-12-07T11:15:26.945Z", dateReserved: "2023-06-20T09:05:43.962Z", dateUpdated: "2024-08-02T16:37:40.041Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-13470
Vulnerability from cvelistv5
Published
2025-01-30 07:23
Modified
2025-01-30 15:08
Summary
The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 3.8.24 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
Vendor | Product | Version |
---|---|---|
kstover | Ninja Forms – The Contact Form Builder That Grows With You | * ≤ 3.8.24 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-13470", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-30T15:08:19.928606Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-30T15:08:24.318Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Ninja Forms – The Contact Form Builder That Grows With You", vendor: "kstover", versions: [ { lessThanOrEqual: "3.8.24", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Peter Thaleikis", }, ], descriptions: [ { lang: "en", value: "The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 3.8.24 due to insufficient input sanitization and output escaping on user supplied attributes. 
This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-30T07:23:05.434Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/6f2b46a9-d228-43b4-84af-d56218076087?source=cve", }, { url: "https://plugins.trac.wordpress.org/browser/ninja-forms/tags/3.8.23/includes/Display/Shortcodes.php#L8", }, { url: "https://plugins.trac.wordpress.org/browser/ninja-forms/tags/3.8.23/ninja-forms.php#L953", }, { url: "https://plugins.trac.wordpress.org/browser/ninja-forms/tags/3.8.23/includes/Display/Render.php#L708", }, { url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3229932%40ninja-forms%2Ftrunk&old=3226451%40ninja-forms%2Ftrunk&sfp_email=&sfph_mail=", }, ], timeline: [ { lang: "en", time: "2025-01-29T18:57:39.000+00:00", value: "Disclosed", }, ], title: "Ninja Forms – The Contact Form Builder That Grows With You <= 3.8.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode", }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2024-13470", datePublished: "2025-01-30T07:23:05.434Z", dateReserved: "2025-01-16T17:18:06.247Z", dateUpdated: "2025-01-30T15:08:24.318Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-3866
Vulnerability from cvelistv5
Published
2024-09-25 06:49
Modified
2024-09-25 13:21
Summary
The Ninja Forms Contact Form plugin for WordPress is vulnerable to Reflected Self-Based Cross-Site Scripting via the 'Referer' header in all versions up to, and including, 3.8.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Successful exploitation of this vulnerability requires "maintenance mode" for a targeted form to be enabled. However, there is no setting available to the attacker or even an administrator-level user to enable this mode. The mode is only enabled during a required update, which is a very short window of time. Additionally, because of the self-based nature of this vulnerability, attackers would have to rely on additional techniques to execute a supplied payload in the context of targeted user.
References
Impacted products
Vendor | Product | Version |
---|---|---|
kstover | Ninja Forms – The Contact Form Builder That Grows With You | * ≤ 3.8.15 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-3866", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-25T13:10:16.678903Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-25T13:21:55.992Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Ninja Forms – The Contact Form Builder That Grows With You", vendor: "kstover", versions: [ { lessThanOrEqual: "3.8.15", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "wesley", }, ], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form plugin for WordPress is vulnerable to Reflected Self-Based Cross-Site Scripting via the 'Referer' header in all versions up to, and including, 3.8.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Successful exploitation of this vulnerability requires \"maintenance mode\" for a targeted form to be enabled. However, there is no setting available to the attacker or even an administrator-level user to enable this mode. The mode is only enabled during a required update, which is a very short window of time. 
Additionally, because of the self-based nature of this vulnerability, attackers would have to rely on additional techniques to execute a supplied payload in the context of targeted user.", }, ], metrics: [ { cvssV3_1: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-25T06:49:02.169Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/f6d6b82d-574d-4a56-9aef-42343c4b7c43?source=cve", }, { url: "https://plugins.trac.wordpress.org/changeset/3153292/ninja-forms", }, ], timeline: [ { lang: "en", time: "2024-04-15T00:00:00.000+00:00", value: "Vendor Notified", }, { lang: "en", time: "2024-09-24T00:00:00.000+00:00", value: "Disclosed", }, ], title: "Ninja Forms Contact Form <= 3.8.15 - Reflected Self-Based Cross-Site Scripting via Referer", }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2024-3866", datePublished: "2024-09-25T06:49:02.169Z", dateReserved: "2024-04-15T20:59:45.597Z", dateUpdated: "2024-09-25T13:21:55.992Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-0685
Vulnerability from cvelistv5
Published
2024-02-02 04:32
Modified
2024-08-01 18:11
Summary
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Second Order SQL Injection via the email address value submitted through forms in all versions up to, and including, 3.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to inject SQL in their email address that will append additional into the already existing query when an administrator triggers a personal data export.
References
Impacted products
Vendor | Product | Version |
---|---|---|
kstover | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | * ≤ 3.7.1 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-0685", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-02-02T14:45:51.836495Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-05T17:21:23.351Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T18:11:35.720Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/3cb73d5d-ca4a-4103-866d-f7bb369a8ce4?source=cve", }, { tags: [ "x_transferred", ], url: "https://plugins.trac.wordpress.org/changeset/3028929/ninja-forms/trunk/includes/Admin/UserDataRequests.php", }, { tags: [ "x_transferred", ], url: "https://sec.stealthcopter.com/ninja-contact-forms/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", vendor: "kstover", versions: [ { lessThanOrEqual: "3.7.1", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Matthew Rollings", }, ], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Second Order SQL Injection via the email address value submitted through forms in all versions up to, and including, 3.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. 
This makes it possible for unauthenticated attackers to inject SQL in their email address that will append additional into the already existing query when an administrator triggers a personal data export.", }, ], metrics: [ { cvssV3_1: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-12T21:25:50.189Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/3cb73d5d-ca4a-4103-866d-f7bb369a8ce4?source=cve", }, { url: "https://plugins.trac.wordpress.org/changeset/3028929/ninja-forms/trunk/includes/Admin/UserDataRequests.php", }, { url: "https://sec.stealthcopter.com/ninja-contact-forms/", }, ], timeline: [ { lang: "en", time: "2024-02-01T00:00:00.000+00:00", value: "Disclosed", }, ], }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2024-0685", datePublished: "2024-02-02T04:32:34.919Z", dateReserved: "2024-01-18T14:29:14.852Z", dateUpdated: "2024-08-01T18:11:35.720Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
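The record above describes a second-order injection: the email is written safely at submission time and only becomes dangerous when a later query (here the personal data export, in includes/Admin/UserDataRequests.php according to the referenced changeset) splices the stored value back into SQL. The following is an added Python illustration of that pattern, not the plugin's PHP code; the table layout, the sample submissions and the in-memory SQLite database are constructed for the example. The WordPress equivalent of the hardened query is `$wpdb->prepare()` with placeholders for every value, regardless of whether it was just read from the database.

```python
import sqlite3

# Constructed sample submissions. The second "email" is not an address at all
# but a SQL fragment; a form that accepts it stores it verbatim.
SUBMISSIONS = [
    ("alice@example.com", "Alice"),
    ("x' OR '1'='1", "Mallory"),
    ("bob@example.com", "Bob"),
]


def setup_db() -> sqlite3.Connection:
    """In-memory stand-in for the submissions table, populated with SUBMISSIONS."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE submissions (id INTEGER PRIMARY KEY, email TEXT, name TEXT)"
    )
    # The first-order write is parameterised, so the payload is stored exactly
    # as data and nothing goes wrong yet. That is what makes the bug second order.
    conn.executemany("INSERT INTO submissions (email, name) VALUES (?, ?)", SUBMISSIONS)
    return conn


def export_vulnerable(conn: sqlite3.Connection, email: str) -> list:
    """Export sink that trusts the email because it 'came from the database'."""
    sql = "SELECT id, email, name FROM submissions WHERE email = '%s'" % email
    return conn.execute(sql).fetchall()


def export_hardened(conn: sqlite3.Connection, email: str) -> list:
    """Same query with the value bound as a parameter, whatever its origin."""
    return conn.execute(
        "SELECT id, email, name FROM submissions WHERE email = ?", (email,)
    ).fetchall()


def run_export(conn: sqlite3.Connection, submission_id: int, export) -> list:
    """Models the admin-triggered flow: look up the stored email for one
    submission, then collect every submission that carries that email."""
    row = conn.execute(
        "SELECT email FROM submissions WHERE id = ?", (submission_id,)
    ).fetchone()
    return export(conn, row[0])


if __name__ == "__main__":
    db = setup_db()
    print("vulnerable:", run_export(db, 2, export_vulnerable))  # every row leaks
    print("hardened:  ", run_export(db, 2, export_hardened))    # only Mallory's row
```

Running the export for submission 2 through `export_vulnerable` returns all three rows, because the stored value turns the WHERE clause into `email = 'x' OR '1'='1'`; the parameterised version returns only the row whose email literally equals the payload. The lesson generalises: escaping or preparing at the point of storage says nothing about how the value is used later, so every SQL statement has to bind its own inputs.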
cve-2023-38386
Vulnerability from cvelistv5
Published: 2024-06-19 13:06
Modified: 2024-08-08 16:34
Summary
Missing Authorization vulnerability in Saturday Drive Ninja Forms (broken access control reachable by Contributor-level users, per the Patchstack title). This issue affects Ninja Forms from n/a through 3.6.25; fixed in 3.6.26.
References
Impacted products
Vendor | Product | Version
---|---|---
Saturday Drive | Ninja Forms | ≤ 3.6.25
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:39:12.832Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vdb-entry", "x_transferred", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-contributor-broken-access-control-vulnerability?_s_id=cve", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-38386", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-08T16:34:09.045626Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-08T16:34:44.573Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", packageName: "ninja-forms", product: "Ninja Forms", vendor: "Saturday Drive", versions: [ { changes: [ { at: "3.6.26", status: "unaffected", }, ], lessThanOrEqual: "3.6.25", status: "affected", version: "n/a", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Rafie Muhammad (Patchstack)", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Missing Authorization vulnerability in Saturday Drive Ninja Forms.<p>This issue affects Ninja Forms: from n/a through 3.6.25.</p>", }, ], value: "Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: 
"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-19T13:06:42.439Z", orgId: "21595511-bba5-4825-b968-b78d1f9984a3", shortName: "Patchstack", }, references: [ { tags: [ "vdb-entry", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-contributor-broken-access-control-vulnerability?_s_id=cve", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Update to 3.6.26 or a higher version.", }, ], value: "Update to 3.6.26 or a higher version.", }, ], source: { discovery: "EXTERNAL", }, title: "WordPress Ninja Forms plugin <= 3.6.25 - Contributor+ Broken Access Control vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3", assignerShortName: "Patchstack", cveId: "CVE-2023-38386", datePublished: "2024-06-19T13:06:42.439Z", dateReserved: "2023-07-17T15:21:38.731Z", dateUpdated: "2024-08-08T16:34:44.573Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37979
Vulnerability from cvelistv5
Published: 2023-07-27 14:08
Modified: 2025-02-13 17:01
Summary
Unauthenticated reflected cross-site scripting (XSS) vulnerability in the Saturday Drive Ninja Forms Contact Form plugin, versions <= 3.6.25. Fixed in 3.6.26.
References
Impacted products
Vendor | Product | Version
---|---|---
Saturday Drive | Ninja Forms Contact Form | ≤ 3.6.25
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:23:27.814Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vdb-entry", "x_transferred", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", }, { tags: [ "technical-description", "x_transferred", ], url: "https://patchstack.com/articles/multiple-high-severity-vulnerabilities-in-ninja-forms-plugin?_s_id=cve", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/173983/WordPress-Ninja-Forms-3.6.25-Cross-Site-Scripting.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-37979", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-25T16:35:01.572319Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-25T16:57:52.075Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", packageName: "ninja-forms", product: "Ninja Forms Contact Form", vendor: "Saturday Drive", versions: [ { changes: [ { at: "3.6.26", status: "unaffected", }, ], lessThanOrEqual: "3.6.25", status: "affected", version: "n/a", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Rafie Muhammad (Patchstack)", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <=<span style=\"background-color: var(--wht);\"> 3.6.25 versions.</span>", }, ], value: "Unauth. 
Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions.", }, ], impacts: [ { capecId: "CAPEC-591", descriptions: [ { lang: "en", value: "CAPEC-591 Reflected XSS", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-04T17:06:39.063Z", orgId: "21595511-bba5-4825-b968-b78d1f9984a3", shortName: "Patchstack", }, references: [ { tags: [ "vdb-entry", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", }, { tags: [ "technical-description", ], url: "https://patchstack.com/articles/multiple-high-severity-vulnerabilities-in-ninja-forms-plugin?_s_id=cve", }, { url: "http://packetstormsecurity.com/files/173983/WordPress-Ninja-Forms-3.6.25-Cross-Site-Scripting.html", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Update to 3.6.26 or a higher version.", }, ], value: "Update to 3.6.26 or a higher version.", }, ], source: { discovery: "EXTERNAL", }, title: "WordPress Ninja Forms Plugin <= 3.6.25 is vulnerable to Cross Site Scripting (XSS)", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3", assignerShortName: "Patchstack", cveId: "CVE-2023-37979", datePublished: 
"2023-07-27T14:08:06.204Z", dateReserved: "2023-07-11T11:35:05.915Z", dateUpdated: "2025-02-13T17:01:41.751Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-24165
Vulnerability from cvelistv5
Published: 2021-04-05 18:27
Modified: 2024-08-03 19:21
Summary
In the Ninja Forms Contact Form WordPress plugin before 3.4.34, the wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect: it redirected to a user-supplied redirect parameter with no validation of the destination. The WPScan title records the issue as an administrator open redirect.
References
Impacted products
Vendor | Product | Version
---|---|---
Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | < 3.4.34
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:21:18.626Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://wpscan.com/vulnerability/6147acf5-e43f-47e6-ab56-c9c8be584818", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", vendor: "Unknown", versions: [ { lessThan: "3.4.34", status: "affected", version: "3.4.34", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Chloe Chamberland", }, ], descriptions: [ { lang: "en", value: "In the Ninja Forms Contact Form WordPress plugin before 3.4.34, the wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-601", description: "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-05T18:27:43", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://wpscan.com/vulnerability/6147acf5-e43f-47e6-ab56-c9c8be584818", }, ], source: { discovery: "UNKNOWN", }, title: "Ninja Forms < 3.4.34 - Administrator Open Redirect", x_generator: "WPScan CVE Generator", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "contact@wpscan.com", ID: "CVE-2021-24165", STATE: "PUBLIC", TITLE: "Ninja Forms < 3.4.34 - Administrator Open Redirect", }, affects: { vendor: { 
vendor_data: [ { product: { product_data: [ { product_name: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress", version: { version_data: [ { version_affected: "<", version_name: "3.4.34", version_value: "3.4.34", }, ], }, }, ], }, vendor_name: "Unknown", }, ], }, }, credit: [ { lang: "eng", value: "Chloe Chamberland", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In the Ninja Forms Contact Form WordPress plugin before 3.4.34, the wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place.", }, ], }, generator: "WPScan CVE Generator", problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')", }, ], }, ], }, references: { reference_data: [ { name: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", refsource: "MISC", url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, { name: "https://wpscan.com/vulnerability/6147acf5-e43f-47e6-ab56-c9c8be584818", refsource: "CONFIRM", url: "https://wpscan.com/vulnerability/6147acf5-e43f-47e6-ab56-c9c8be584818", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2021-24165", datePublished: "2021-04-05T18:27:43", dateReserved: "2021-01-14T00:00:00", dateUpdated: "2024-08-03T19:21:18.626Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
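The open redirect above is the standard shape of the bug: a handler forwards the browser to whatever value arrives in a redirect parameter. WordPress ships its own guard for this (wp_safe_redirect() and wp_validate_redirect(), which consult the allowed_redirect_hosts filter); the following is an added, standalone Python model of the same check, not the plugin's code or WordPress's. The allowed host set and the fallback URL are constructed for the example.

```python
from urllib.parse import urlsplit

# Hosts this site is willing to send a browser to. Constructed for the example;
# a real deployment derives it from the site URL plus any integration partners
# it legitimately hands off to (the OAuth provider, in the case above).
ALLOWED_HOSTS = {"example.com", "www.example.com"}
FALLBACK = "https://www.example.com/wp-admin/"


def safe_redirect_target(redirect: str) -> str:
    """Return `redirect` only if it is an absolute path on this site or an
    http(s) URL on an allowed host; otherwise return FALLBACK."""
    if not redirect or redirect != redirect.strip():
        return FALLBACK
    # Browsers treat backslashes as slashes and tolerate embedded control
    # characters in ways urlsplit does not; reject such input outright rather
    # than trying to normalise it.
    if "\\" in redirect or any(ch in redirect for ch in "\r\n\t\0"):
        return FALLBACK
    parts = urlsplit(redirect)
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return FALLBACK                      # javascript:, data:, custom schemes
    if not parts.scheme and not parts.netloc:
        # Relative target. Accept "/path" but not "//host/path", which is
        # protocol-relative and therefore points off-site.
        if redirect.startswith("/") and not redirect.startswith("//"):
            return redirect
        return FALLBACK
    host = (parts.hostname or "").lower()   # hostname drops userinfo and port
    if host not in ALLOWED_HOSTS:
        return FALLBACK                      # covers "https://example.com@evil.example/"
    return redirect


if __name__ == "__main__":
    for candidate in (
        "https://www.example.com/wp-admin/",
        "/wp-admin/admin.php?page=ninja-forms",
        "https://evil.example/",
        "//evil.example/",
        "https://example.com@evil.example/",
        "javascript:alert(1)",
    ):
        print(f"{candidate!r:45} -> {safe_redirect_target(candidate)}")
```

The cases worth noting are the ones string matching gets wrong: a protocol-relative `//evil.example/` has no scheme yet leaves the site, `https://example.com@evil.example/` starts with the trusted host but the browser connects to the part after the `@`, and a backslash is a path separator to browsers but not to most URL parsers. Comparing the parsed hostname against an allowlist and falling back to a fixed location handles all of them.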
cve-2020-12462
Vulnerability from cvelistv5
Published: 2020-04-29 16:23
Modified: 2024-08-04 11:56
Summary
The ninja-forms plugin before 3.4.24.2 for WordPress allows CSRF with resultant XSS.
References
URL | Tags
---|---
https://wordpress.org/plugins/ninja-forms/#developers | x_refsource_MISC
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:56:52.068Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The ninja-forms plugin before 3.4.24.2 for WordPress allows CSRF with resultant XSS.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-29T16:23:53", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-12462", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The ninja-forms plugin before 3.4.24.2 for WordPress allows CSRF with resultant XSS.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://wordpress.org/plugins/ninja-forms/#developers", refsource: "MISC", url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-12462", datePublished: "2020-04-29T16:23:53", dateReserved: "2020-04-29T00:00:00", dateUpdated: "2024-08-04T11:56:52.068Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", 
dataVersion: "5.1", }
cve-2021-34648
Vulnerability from cvelistv5
Published: 2021-09-22 17:53
Modified: 2025-03-31 18:20
Summary
The Ninja Forms WordPress plugin is vulnerable to arbitrary email sending via the trigger_email_action function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5.7. This allows authenticated attackers to send arbitrary emails from the affected server via the /ninja-forms-submissions/email-action REST API which can be used to socially engineer victims.
References
Impacted products
Vendor | Product | Version
---|---|---
Saturday Drive | Ninja Forms | ≤ 3.5.7
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:19:47.576Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninja-forms-plugin-affects-over-1-million-site-owners/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/Submissions.php?rev=2543837#L155", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-34648", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-31T18:19:59.612334Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-31T18:20:03.844Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Ninja Forms", vendor: "Saturday Drive", versions: [ { lessThanOrEqual: "3.5.7", status: "affected", version: "3.5.7", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Chloe Chamberland, Wordfence", }, ], datePublic: "2021-09-22T00:00:00.000Z", descriptions: [ { lang: "en", value: "The Ninja Forms WordPress plugin is vulnerable to arbitrary email sending via the trigger_email_action function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5.7. 
This allows authenticated attackers to send arbitrary emails from the affected server via the /ninja-forms-submissions/email-action REST API which can be used to socially engineer victims.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-863", description: "CWE-863 Incorrect Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-22T17:53:11.000Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninja-forms-plugin-affects-over-1-million-site-owners/", }, { tags: [ "x_refsource_MISC", ], url: "https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/Submissions.php?rev=2543837#L155", }, ], solutions: [ { lang: "en", value: "Update to version 3.5.8 or newer.", }, ], source: { discovery: "INTERNAL", }, title: "Ninja Forms <= 3.5.7 Unprotected REST-API to Email Injection", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { AKA: "Wordfence", ASSIGNER: "security@wordfence.com", DATE_PUBLIC: "2021-09-22T15:21:00.000Z", ID: "CVE-2021-34648", STATE: "PUBLIC", TITLE: "Ninja Forms <= 3.5.7 Unprotected REST-API to Email Injection", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ninja Forms", version: { version_data: [ { version_affected: "<=", version_name: "3.5.7", version_value: "3.5.7", }, ], }, }, ], }, vendor_name: "Saturday Drive", }, ], }, }, credit: [ { lang: "eng", value: "Chloe Chamberland, Wordfence", }, ], data_format: "MITRE", 
data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Ninja Forms WordPress plugin is vulnerable to arbitrary email sending via the trigger_email_action function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5.7. This allows authenticated attackers to send arbitrary emails from the affected server via the /ninja-forms-submissions/email-action REST API which can be used to socially engineer victims.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-863 Incorrect Authorization", }, ], }, ], }, references: { reference_data: [ { name: "https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninja-forms-plugin-affects-over-1-million-site-owners/", refsource: "MISC", url: "https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninja-forms-plugin-affects-over-1-million-site-owners/", }, { name: "https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/Submissions.php?rev=2543837#L155", refsource: "MISC", url: "https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/Submissions.php?rev=2543837#L155", }, ], }, solution: [ { lang: "en", value: "Update to version 3.5.8 or newer.", }, ], source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2021-34648", datePublished: "2021-09-22T17:53:11.689Z", dateReserved: "2021-06-10T00:00:00.000Z", dateUpdated: "2025-03-31T18:20:03.844Z", state: 
"PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-18574
Vulnerability from cvelistv5
Published: 2019-08-22 12:42
Modified: 2024-08-05 21:28
Summary
The ninja-forms plugin before 3.0.31 for WordPress has insufficient HTML escaping in the builder.
References
URL | Tags
---|---
https://wordpress.org/plugins/ninja-forms/#developers | x_refsource_MISC
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T21:28:55.449Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The ninja-forms plugin before 3.0.31 for WordPress has insufficient HTML escaping in the builder.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-22T12:42:15", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-18574", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The ninja-forms plugin before 3.0.31 for WordPress has insufficient HTML escaping in the builder.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://wordpress.org/plugins/ninja-forms/#developers", refsource: "MISC", url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-18574", datePublished: "2019-08-22T12:42:15", dateReserved: "2019-08-21T00:00:00", dateUpdated: "2024-08-05T21:28:55.449Z", state: "PUBLISHED", }, 
dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-50514
Vulnerability from cvelistv5
Published: 2024-11-19 16:32
Modified: 2024-11-19 21:01
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows stored XSS. This issue affects Ninja Forms from n/a through 3.8.16; fixed in 3.8.18.
References
Impacted products
Vendor | Product | Version
---|---|---
Saturday Drive | Ninja Forms | ≤ 3.8.16
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-50514", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-19T21:01:28.226203Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-19T21:01:36.256Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", packageName: "ninja-forms", product: "Ninja Forms", vendor: "Saturday Drive", versions: [ { changes: [ { at: "3.8.18", status: "unaffected", }, ], lessThanOrEqual: "3.8.16", status: "affected", version: "n/a", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Hwang Se-yeon (Patchstack Alliance)", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS.</p><p>This issue affects Ninja Forms: from n/a through 3.8.16.</p>", }, ], value: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a through 3.8.16.", }, ], impacts: [ { capecId: "CAPEC-592", descriptions: [ { lang: "en", value: "CAPEC-592 Stored XSS", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: 
"GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-19T17:25:56.691Z", orgId: "21595511-bba5-4825-b968-b78d1f9984a3", shortName: "Patchstack", }, references: [ { tags: [ "vdb-entry", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-the-contact-form-builder-that-grows-with-you-plugin-3-8-16-cross-site-scripting-xss-vulnerability?_s_id=cve", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Update to 3.8.18 or a higher version.", }, ], value: "Update to 3.8.18 or a higher version.", }, ], source: { discovery: "EXTERNAL", }, title: "WordPress Ninja Forms – The Contact Form Builder That Grows With You plugin <= 3.8.16 - Cross Site Scripting (XSS) vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3", assignerShortName: "Patchstack", cveId: "CVE-2024-50514", datePublished: "2024-11-19T16:32:17.131Z", dateReserved: "2024-10-24T07:27:11.266Z", dateUpdated: "2024-11-19T21:01:36.256Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-36174
Vulnerability from cvelistv5
Published: 2021-01-06 14:31
Modified: 2024-08-04 17:23
Summary
The Ninja Forms plugin before 3.4.27.1 for WordPress allows CSRF via services integration.
References
URL | Tags
---|---
https://wordpress.org/plugins/ninja-forms/#developers | x_refsource_MISC
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:23:09.378Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Ninja Forms plugin before 3.4.27.1 for WordPress allows CSRF via services integration.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-01-06T14:31:44", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-36174", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Ninja Forms plugin before 3.4.27.1 for WordPress allows CSRF via services integration.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://wordpress.org/plugins/ninja-forms/#developers", refsource: "MISC", url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-36174", datePublished: "2021-01-06T14:31:44", dateReserved: "2021-01-06T00:00:00", dateUpdated: "2024-08-04T17:23:09.378Z", state: "PUBLISHED", }, dataType: 
"CVE_RECORD", dataVersion: "5.1", }
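CVE-2020-12462 (CSRF with resultant XSS) and CVE-2020-36174 (CSRF via services integration) above are both the same class: a state-changing admin action that a foreign site can trigger through the victim's browser because the request carries nothing an attacker cannot forge. WordPress's answer is a nonce bound to the user, the action and a time window (wp_create_nonce(), wp_verify_nonce(), check_admin_referer()/check_ajax_referer()). What follows is an added Python model of that check, not the plugin's PHP or WordPress's implementation: the secret, the action name nf_services_connect, the handler and the request dictionaries are constructed for the example, and the 12-hour tick with a two-tick validity window mirrors WordPress's scheme only loosely.

```python
import hashlib
import hmac
import time

# Constructed server-side secret; a real site uses its own salt material.
NONCE_SECRET = b"constructed-nonce-secret-do-not-reuse"
TICK_SECONDS = 12 * 60 * 60   # nonces rotate every 12 hours, stay valid for two ticks


def _tick(now: float) -> int:
    return int(now // TICK_SECONDS)


def _digest(tick: int, user_id: int, action: str) -> str:
    # Binding the tick, the user and the action means a nonce minted for one
    # purpose (or one user, or yesterday) is useless for any other.
    msg = f"{tick}|{user_id}|{action}".encode()
    return hmac.new(NONCE_SECRET, msg, hashlib.sha256).hexdigest()[:20]


def create_nonce(user_id: int, action: str, now=None) -> str:
    """Token embedded in the legitimate form/AJAX request for `action`."""
    now = time.time() if now is None else now
    return _digest(_tick(now), user_id, action)


def verify_nonce(nonce: str, user_id: int, action: str, now=None) -> bool:
    """Accept the current or the previous tick; compare in constant time."""
    now = time.time() if now is None else now
    for tick in (_tick(now), _tick(now) - 1):
        if hmac.compare_digest(_digest(tick, user_id, action), nonce):
            return True
    return False


def connect_service(post: dict, session_user_id: int, now=None) -> int:
    """State-changing handler (saving a third-party service integration, as in
    the CSRF above). Returns an HTTP status: 403 unless the request carries a
    nonce minted for this user and this action. A cross-site form cannot read
    such a nonce out of the admin page, so it cannot supply one."""
    if not verify_nonce(post.get("_wpnonce", ""), session_user_id, "nf_services_connect", now):
        return 403
    # ... persist post["service"] / post["api_key"] here ...
    return 200


if __name__ == "__main__":
    admin = 7
    token = create_nonce(admin, "nf_services_connect")
    print(connect_service({"_wpnonce": token, "service": "mailer"}, admin))  # 200
    print(connect_service({"service": "mailer"}, admin))                     # 403
```

Two details matter for the XSS half of CVE-2020-12462: the nonce check has to run before any of the posted fields are stored, and the stored fields still need output escaping when the settings page renders them, because a nonce only proves the request came from the logged-in user, not that the data is safe HTML.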
cve-2024-7354
Vulnerability from cvelistv5
Published: 2024-09-02 06:00
Modified: 2024-09-03 14:01
Summary
The Ninja Forms WordPress plugin before 3.8.11 does not escape a URL before outputting it back in an attribute, leading to reflected cross-site scripting that could be used against high-privilege users such as administrators. Affected range per the WPScan title: 3.8.6 to 3.8.10.
References
URL | Tags
---|---
https://wpscan.com/vulnerability/3c871dcd-51d7-4d3b-b036-efa9e066ff41/ | exploit, vdb-entry, technical-description
Impacted products
Vendor | Product | Version
---|---|---
Unknown | Ninja Forms | ≥ 3.8.6, < 3.8.11
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", ], defaultStatus: "unknown", product: "ninja_forms", vendor: "ninjaforms", versions: [ { lessThan: "3.8.11", status: "affected", version: "0", versionType: "semver", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2024-7354", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-03T13:58:05.273135Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-03T14:01:08.897Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Ninja Forms", vendor: "Unknown", versions: [ { lessThan: "3.8.11", status: "affected", version: "3.8.6", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Erwan LR (WPScan)", }, { lang: "en", type: "coordinator", value: "WPScan", }, ], descriptions: [ { lang: "en", value: "The Ninja Forms WordPress plugin before 3.8.11 does not escape an URL before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin", }, ], problemTypes: [ { descriptions: [ { description: "CWE-79 Cross-Site Scripting (XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-02T06:00:01.326Z", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "exploit", "vdb-entry", "technical-description", ], url: 
"https://wpscan.com/vulnerability/3c871dcd-51d7-4d3b-b036-efa9e066ff41/", }, ], source: { discovery: "EXTERNAL", }, title: "Ninja Forms 3.8.6-3.8.10 - Reflected XSS", x_generator: { engine: "WPScan CVE Generator", }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2024-7354", datePublished: "2024-09-02T06:00:01.326Z", dateReserved: "2024-07-31T22:02:39.594Z", dateUpdated: "2024-09-03T14:01:08.897Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-7280
Vulnerability from cvelistv5
Published
2018-02-21 16:00
Modified
2024-09-17 02:31
Severity ?
EPSS score ?
Summary
The Ninja Forms plugin before 3.2.14 for WordPress has XSS.
References
URL | Tags
---|---
https://wordpress.org/plugins/ninja-forms/#developers | x_refsource_CONFIRM
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T06:24:11.862Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Ninja Forms plugin before 3.2.14 for WordPress has XSS.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-02-21T16:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-7280", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Ninja Forms plugin before 3.2.14 for WordPress has XSS.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://wordpress.org/plugins/ninja-forms/#developers", refsource: "CONFIRM", url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-7280", datePublished: "2018-02-21T16:00:00Z", dateReserved: "2018-02-21T00:00:00Z", dateUpdated: "2024-09-17T02:31:31.293Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-5530
Vulnerability from cvelistv5
Published
2023-11-06 20:41
Modified
2024-08-02 07:59
Severity ?
EPSS score ?
Summary
The Ninja Forms Contact Form WordPress plugin before 3.6.34 does not sanitize and escape its label fields, which could allow high privilege users such as admin to perform Stored XSS attacks. Only users with the unfiltered_html capability can perform this, and such users are already allowed to use JS in posts/comments etc however the vendor acknowledged and fixed the issue
References
URL | Tags
---|---
https://wpscan.com/vulnerability/a642f313-cc3e-4d75-b207-1dceb6a7fbae | exploit, vdb-entry, technical-description
https://ninjaforms.com/blog/saturday-drive-x-edition/ |
Impacted products
Vendor | Product | Version
---|---|---
Unknown | Ninja Forms Contact Form | 0 < 3.6.34
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T07:59:44.902Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "exploit", "vdb-entry", "technical-description", "x_transferred", ], url: "https://wpscan.com/vulnerability/a642f313-cc3e-4d75-b207-1dceb6a7fbae", }, { tags: [ "x_transferred", ], url: "https://ninjaforms.com/blog/saturday-drive-x-edition/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", product: "Ninja Forms Contact Form", vendor: "Unknown", versions: [ { lessThan: "3.6.34", status: "affected", version: "0", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Jonathan Zamora", }, { lang: "en", type: "coordinator", value: "WPScan", }, ], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form WordPress plugin before 3.6.34 does not sanitize and escape its label fields, which could allow high privilege users such as admin to perform Stored XSS attacks. 
Only users with the unfiltered_html capability can perform this, and such users are already allowed to use JS in posts/comments etc however the vendor acknowledged and fixed the issue", }, ], problemTypes: [ { descriptions: [ { description: "CWE-79 Cross-Site Scripting (XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-06T20:41:40.862Z", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "exploit", "vdb-entry", "technical-description", ], url: "https://wpscan.com/vulnerability/a642f313-cc3e-4d75-b207-1dceb6a7fbae", }, { url: "https://ninjaforms.com/blog/saturday-drive-x-edition/", }, ], source: { discovery: "EXTERNAL", }, title: "Ninja Forms < 3.6.34 - Admin+ Stored XSS", x_generator: { engine: "WPScan CVE Generator", }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2023-5530", datePublished: "2023-11-06T20:41:40.862Z", dateReserved: "2023-10-11T17:01:33.156Z", dateUpdated: "2024-08-02T07:59:44.902Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-29220
Vulnerability from cvelistv5
Published
2024-04-11 02:29
Modified
2024-11-26 17:59
Severity ?
EPSS score ?
Summary
Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in custom fields for labels. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing to the website using the product.
Impacted products
Vendor | Product | Version
---|---|---
Saturday Drive | Ninja Forms | prior to 3.8.1
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2024-29220", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-31T17:42:38.803207Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-26T17:59:14.210Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T01:10:54.512Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/", }, { tags: [ "x_transferred", ], url: "https://ninjaforms.com/", }, { tags: [ "x_transferred", ], url: "https://jvn.jp/en/jp/JVN50361500/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ninja Forms", vendor: "Saturday Drive", versions: [ { status: "affected", version: "prior to 3.8.1", }, ], }, ], descriptions: [ { lang: "en", value: "Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in custom fields for labels. 
If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing to the website using the product.", }, ], problemTypes: [ { descriptions: [ { description: "Cross-site scripting (XSS)", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-04-11T02:29:10.868Z", orgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", shortName: "jpcert", }, references: [ { url: "https://wordpress.org/plugins/ninja-forms/", }, { url: "https://ninjaforms.com/", }, { url: "https://jvn.jp/en/jp/JVN50361500/", }, ], }, }, cveMetadata: { assignerOrgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", assignerShortName: "jpcert", cveId: "CVE-2024-29220", datePublished: "2024-04-11T02:29:10.868Z", dateReserved: "2024-03-27T23:39:28.130Z", dateUpdated: "2024-11-26T17:59:14.210Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-36505
Vulnerability from cvelistv5
Published
2024-04-17 09:09
Modified
2024-08-02 16:45
Severity ?
EPSS score ?
Summary
Improper Input Validation vulnerability in Saturday Drive Ninja Forms Contact Form. This issue affects Ninja Forms Contact Form: from n/a through 3.6.24.
Impacted products
Vendor | Product | Version
---|---|---
Saturday Drive | Ninja Forms Contact Form | n/a <
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-36505", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-04-19T20:00:48.959888Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:25:47.842Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T16:45:56.646Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vdb-entry", "x_transferred", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-contact-form-the-drag-and-drop-form-builder-for-wordpress-plugin-3-6-24-arbitrary-file-deletion-vulnerability?_s_id=cve", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins/ninja-forms/", defaultStatus: "unaffected", packageName: "ninja-forms", product: "Ninja Forms Contact Form ", vendor: "Saturday Drive", versions: [ { changes: [ { at: "3.6.25", status: "unaffected", }, ], lessThanOrEqual: "3.6.24", status: "affected", version: "n/a", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Theodoros Malachias (Patchstack Alliance)", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Improper Input Validation vulnerability in Saturday Drive Ninja Forms Contact Form.<p>This issue affects Ninja Forms Contact Form : from n/a through 3.6.24.</p>", }, ], value: "Improper Input Validation vulnerability in Saturday Drive Ninja Forms Contact Form.This issue affects Ninja Forms Contact Form : from n/a through 3.6.24.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", 
confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-04-17T09:09:33.241Z", orgId: "21595511-bba5-4825-b968-b78d1f9984a3", shortName: "Patchstack", }, references: [ { tags: [ "vdb-entry", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-contact-form-the-drag-and-drop-form-builder-for-wordpress-plugin-3-6-24-arbitrary-file-deletion-vulnerability?_s_id=cve", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Update to 3.6.25 or a higher version.<br>", }, ], value: "Update to 3.6.25 or a higher version.\n", }, ], source: { discovery: "EXTERNAL", }, title: "WordPress Ninja Forms Plugin <= 3.6.24 is vulnerable to Arbitrary File Deletion", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3", assignerShortName: "Patchstack", cveId: "CVE-2023-36505", datePublished: "2024-04-17T09:09:33.241Z", dateReserved: "2023-06-22T08:38:41.922Z", dateUpdated: "2024-08-02T16:45:56.646Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-8594
Vulnerability from cvelistv5
Published
2020-02-14 19:01
Modified
2024-08-04 10:03
Severity ?
EPSS score ?
Summary
The Ninja Forms plugin 3.4.22 for WordPress has Multiple Stored XSS vulnerabilities via ninja_forms[recaptcha_site_key], ninja_forms[recaptcha_secret_key], ninja_forms[recaptcha_lang], or ninja_forms[date_format].
References
URL | Tags
---|---
https://wordpress.org/plugins/ninja-forms/#developers | x_refsource_CONFIRM
https://spider-security.co.uk/blog-cve-cve-2020-8594 | x_refsource_MISC
https://wpvulndb.com/vulnerabilities/10070 | x_refsource_MISC
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:03:46.171Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://spider-security.co.uk/blog-cve-cve-2020-8594", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wpvulndb.com/vulnerabilities/10070", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Ninja Forms plugin 3.4.22 for WordPress has Multiple Stored XSS vulnerabilities via ninja_forms[recaptcha_site_key], ninja_forms[recaptcha_secret_key], ninja_forms[recaptcha_lang], or ninja_forms[date_format].", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-14T22:06:04", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { tags: [ "x_refsource_MISC", ], url: "https://spider-security.co.uk/blog-cve-cve-2020-8594", }, { tags: [ "x_refsource_MISC", ], url: "https://wpvulndb.com/vulnerabilities/10070", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-8594", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Ninja Forms plugin 3.4.22 for WordPress has Multiple Stored XSS vulnerabilities via ninja_forms[recaptcha_site_key], 
ninja_forms[recaptcha_secret_key], ninja_forms[recaptcha_lang], or ninja_forms[date_format].", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://wordpress.org/plugins/ninja-forms/#developers", refsource: "CONFIRM", url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { name: "https://spider-security.co.uk/blog-cve-cve-2020-8594", refsource: "MISC", url: "https://spider-security.co.uk/blog-cve-cve-2020-8594", }, { name: "https://wpvulndb.com/vulnerabilities/10070", refsource: "MISC", url: "https://wpvulndb.com/vulnerabilities/10070", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-8594", datePublished: "2020-02-14T19:01:36", dateReserved: "2020-02-03T00:00:00", dateUpdated: "2024-08-04T10:03:46.171Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2021-04-05 19:15
Modified
2024-11-21 05:52
Severity ?
Summary
The wp_ajax_nf_oauth_disconnect from the Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 had no nonce protection making it possible for attackers to craft a request to disconnect a site's OAuth connection.
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "3F043B37-549B-4242-925D-04A22CEA8042", versionEndExcluding: "3.4.34", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The wp_ajax_nf_oauth_disconnect from the Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 had no nonce protection making it possible for attackers to craft a request to disconnect a site's OAuth connection.", }, { lang: "es", value: "El plugin de WordPress wp_ajax_nf_oauth_disconnect from the Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress versiones anteriores a 3.4.34, no tenía protección nonce, haciendo posible que atacantes diseñen una petición para desconectar la conexión OAuth de un sitio", }, ], id: "CVE-2021-24166", lastModified: "2024-11-21T05:52:30.393", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: 
"2021-04-05T19:15:15.513", references: [ { source: "contact@wpscan.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/b531fb65-a8ff-4150-a9a1-2a62a3c00bd6", }, { source: "contact@wpscan.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/b531fb65-a8ff-4150-a9a1-2a62a3c00bd6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "contact@wpscan.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-352", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-29 17:15
Modified
2024-11-21 04:59
Severity ?
Summary
The ninja-forms plugin before 3.4.24.2 for WordPress allows CSRF with resultant XSS.
References
Source | URL | Tags
---|---|---
cve@mitre.org | https://wordpress.org/plugins/ninja-forms/#developers | Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/ninja-forms/#developers | Release Notes, Vendor Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "98FCE88F-18C1-47B2-BBDF-3F59B5C16807", versionEndExcluding: "3.4.24.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The ninja-forms plugin before 3.4.24.2 for WordPress allows CSRF with resultant XSS.", }, { lang: "es", value: "El plugin ninja-forms versiones anteriores a 3.4.24.2 para WordPress, permite un ataque de tipo CSRF con un XSS resultante.", }, ], id: "CVE-2020-12462", lastModified: "2024-11-21T04:59:45.090", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-29T17:15:12.177", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], sourceIdentifier: 
"cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-12-29 06:15
Modified
2025-04-18 18:31
Severity ?
Summary
The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.8.22. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes.
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "8621F4C4-4475-469A-A58E-1EA21F6BD84D", versionEndExcluding: "3.8.23", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.8.22. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes.", }, { lang: "es", value: "El complemento The Ninja Forms – The Contact Form Builder That Grows With You para WordPress es vulnerable a la ejecución de códigos cortos arbitrarios en todas las versiones hasta la 3.8.22 incluida. Esto se debe a que el software permite a los usuarios ejecutar una acción que no valida correctamente un valor antes de ejecutar do_shortcode. 
Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, ejecuten códigos cortos arbitrarios.", }, ], id: "CVE-2024-12238", lastModified: "2025-04-18T18:31:38.543", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.4, source: "security@wordfence.com", type: "Primary", }, ], }, published: "2024-12-29T06:15:05.487", references: [ { source: "security@wordfence.com", tags: [ "Product", ], url: "https://plugins.trac.wordpress.org/browser/ninja-forms/tags/3.8.20/includes/Display/Preview.php#L68", }, { source: "security@wordfence.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/524a2143-b15f-4edc-98de-dafef4c5bc00?source=cve", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "security@wordfence.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-02 08:15
Modified
2024-10-04 17:16
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
The Ninja Forms WordPress plugin before 3.8.11 does not escape an URL before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
References
Source | URL | Tags
---|---|---
contact@wpscan.com | https://wpscan.com/vulnerability/3c871dcd-51d7-4d3b-b036-efa9e066ff41/ | Exploit, Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "0CED05A1-AEA0-4E82-8D1A-C52865A2A766", versionEndExcluding: "3.8.11", versionStartIncluding: "3.8.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms WordPress plugin before 3.8.11 does not escape an URL before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin", }, { lang: "es", value: "El complemento Ninja Forms de WordPress anterior a la versión 3.8.11 no escapa una URL antes de mostrarla nuevamente en un atributo, lo que genera un error de Cross-Site Scripting Reflejado que podría usarse contra usuarios con privilegios elevados, como el administrador.", }, ], id: "CVE-2024-7354", lastModified: "2024-10-04T17:16:20.943", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-09-02T08:15:06.010", references: [ { source: "contact@wpscan.com", tags: [ "Exploit", "Third Party Advisory", ], url: 
"https://wpscan.com/vulnerability/3c871dcd-51d7-4d3b-b036-efa9e066ff41/", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-03-05 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the Ninja Forms plugin before 2.8.9 for WordPress allow (1) remote attackers to inject arbitrary web script or HTML via the ninja_forms_field_1 parameter in a ninja_forms_ajax_submit action to wp-admin/admin-ajax.php or (2) remote administrators to inject arbitrary web script or HTML via the fields[1] parameter to wp-admin/post.php.
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "FAE814F3-7D20-4B24-B492-E124A8B7CD39", versionEndIncluding: "2.8.8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple cross-site scripting (XSS) vulnerabilities in the Ninja Forms plugin before 2.8.9 for WordPress allow (1) remote attackers to inject arbitrary web script or HTML via the ninja_forms_field_1 parameter in a ninja_forms_ajax_submit action to wp-admin/admin-ajax.php or (2) remote administrators to inject arbitrary web script or HTML via the fields[1] parameter to wp-admin/post.php.", }, { lang: "es", value: "Múltiples vulnerabilidades de XSS en el plugin Ninja Forms anterior a 2.8.9 para WordPress permiten a (1) atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través del parámetro ninja_forms_field_1 en una acción ninja_forms_ajax_submit en wp-admin/admin-ajax.php o (2) administradores remotos inyectar secuencias de comandos web arbitrarios o HTML a través del parámetro fields[1] en wp-admin/post.php.", }, ], id: "CVE-2015-2220", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2015-03-05T16:59:02.570", references: [ { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://packetstormsecurity.com/files/130369/WordPress-Ninja-Forms-2.8.8-Cross-Site-Scripting.html", }, { source: 
"cve@mitre.org", url: "http://www.securityfocus.com/archive/1/534687/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/74857", }, { source: "cve@mitre.org", url: "https://wordpress.org/plugins/ninja-forms/changelog/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://packetstormsecurity.com/files/130369/WordPress-Ninja-Forms-2.8.8-Cross-Site-Scripting.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/534687/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74857", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://wordpress.org/plugins/ninja-forms/changelog/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-22 18:15
Modified
2024-11-21 06:10
Severity
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (Wordfence)
4.0 (Medium) - CVSS 2.0 AV:N/AC:L/Au:S/C:P/I:N/A:N (NVD)
Summary
The Ninja Forms WordPress plugin is vulnerable to sensitive information disclosure via the bulk_export_submissions function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5.7. This allows authenticated attackers to export all Ninja Forms submissions data via the /ninja-forms-submissions/export REST API which can include personally identifiable information.
References
Source | URL | Tags
---|---|---
security@wordfence.com | https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/Submissions.php?rev=2543837#L107 | Patch, Third Party Advisory
security@wordfence.com | https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninja-forms-plugin-affects-over-1-million-site-owners/ | Exploit, Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | <= 3.5.7 (versionEndIncluding)
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "E923EB35-C3B2-4F95-8E70-D2A5ADAD33BC", versionEndIncluding: "3.5.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms WordPress plugin is vulnerable to sensitive information disclosure via the bulk_export_submissions function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5.7. This allows authenticated attackers to export all Ninja Forms submissions data via the /ninja-forms-submissions/export REST API which can include personally identifiable information.", }, { lang: "es", value: "El plugin Ninja Forms de WordPress es vulnerable a una divulgación de información confidencial por medio de la función bulk_export_submissions que se encuentra en el archivo ~/includes/Routes/Submissions.php, en versiones hasta la 3.5.7 incluyéndola. Esto permite a atacantes autenticados exportar todos los datos de los envíos de Ninja Forms por medio de la API REST /ninja-forms-submissions/export, que puede incluir información personal identificable", }, ], id: "CVE-2021-34647", lastModified: "2024-11-21T06:10:53.220", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: 
"NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "security@wordfence.com", type: "Secondary", }, ], }, published: "2021-09-22T18:15:11.217", references: [ { source: "security@wordfence.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/Submissions.php?rev=2543837#L107", }, { source: "security@wordfence.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninja-forms-plugin-affects-over-1-million-site-owners/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/Submissions.php?rev=2543837#L107", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninja-forms-plugin-affects-over-1-million-site-owners/", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-863", }, ], source: "security@wordfence.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-01-06 15:15
Modified
2024-11-21 05:28
Severity
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N (NVD)
5.0 (Medium) - CVSS 2.0 AV:N/AC:L/Au:N/C:N/I:P/A:N (NVD)
Summary
The Ninja Forms plugin before 3.4.28 for WordPress lacks escaping for submissions-table fields.
References
Source | URL | Tags
---|---|---
cve@mitre.org | https://wordpress.org/plugins/ninja-forms/#developers | Product, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/ninja-forms/#developers | Product, Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | < 3.4.28 (versionEndExcluding)
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "C578F7FF-CF4A-444F-AE44-7CB7CDCF0655", versionEndExcluding: "3.4.28", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms plugin before 3.4.28 for WordPress lacks escaping for submissions-table fields.", }, { lang: "es", value: "El plugin Ninja Forms versiones anteriores a 3.4.28 para WordPress, carece de escape para los campos submissions-table", }, ], id: "CVE-2020-36173", lastModified: "2024-11-21T05:28:53.183", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-01-06T15:15:15.287", references: [ { source: "cve@mitre.org", tags: [ "Product", "Third Party Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Third Party Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], sourceIdentifier: 
"cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-116", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-03-05 16:59
Modified
2025-04-12 10:46
Severity
7.5 (High) - CVSS 2.0 AV:N/AC:L/Au:N/C:P/I:P/A:P (NVD; no CVSS 3.x score, and the record flags acInsufInfo, so the vector reflects missing detail rather than a confirmed attack path)
Summary
Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users.
References
Source | URL | Tags
---|---|---
cve@mitre.org | https://wordpress.org/plugins/ninja-forms/changelog/ | (none)
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | <= 2.8.9 (versionEndIncluding)
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "1D256E36-541F-4CB0-935B-8328B39CB01D", versionEndIncluding: "2.8.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users.", }, { lang: "es", value: "Vulnerabilidad no especificada en el plugin Ninja Forms anterior a 2.8.10 para WordPress tiene un impacto desconocido y vectores de ataque remotos relacionados con los usuarios de administración.", }, ], id: "CVE-2014-9688", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-03-05T16:59:00.053", references: [ { source: "cve@mitre.org", url: "https://wordpress.org/plugins/ninja-forms/changelog/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://wordpress.org/plugins/ninja-forms/changelog/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
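Every Impacted products table on this page shows the version as `*`; the real bound is in the record's cpeMatch entry, as either versionEndIncluding (affected up to and including that version) or versionEndExcluding (that version is the fix). The distinction is the usual off-by-one in homegrown version checks: 3.5.7 is inside CVE-2021-34647's range, while 3.6.10 is outside CVE-2021-25066's. The script below is an added example, not code from Ninja Forms or NVD; the NF_CPE_MATCHES table is copied from the records on this page, with CVE-2020-8594 carried as an exact pin because its CPE names only 3.4.22.

```php
<?php
// Added example, not Ninja Forms or NVD code: decide whether an installed
// Ninja Forms version falls inside the CPE match ranges listed on this page.
// NVD expresses a range as versionEndIncluding (<=) or versionEndExcluding (<).

declare(strict_types=1);

// Subset of the cpeMatch entries shown on this page, copied from the records.
// Field names mirror NVD's; only the fields used here are kept.
const NF_CPE_MATCHES = [
    ['id' => 'CVE-2015-2220',  'versionEndIncluding' => '2.8.8'],
    ['id' => 'CVE-2014-9688',  'versionEndIncluding' => '2.8.9'],
    ['id' => 'CVE-2018-20980', 'versionEndExcluding' => '3.2.15'],
    ['id' => 'CVE-2018-20981', 'versionEndExcluding' => '3.3.9'],
    ['id' => 'CVE-2020-8594',  'versionExact'        => '3.4.22'], // CPE pins one version
    ['id' => 'CVE-2020-36173', 'versionEndExcluding' => '3.4.28'],
    ['id' => 'CVE-2021-34647', 'versionEndIncluding' => '3.5.7'],
    ['id' => 'CVE-2021-34648', 'versionEndIncluding' => '3.5.7'],
    ['id' => 'CVE-2021-25066', 'versionEndExcluding' => '3.6.10'],
    ['id' => 'CVE-2023-1835',  'versionEndExcluding' => '3.6.22'],
    ['id' => 'CVE-2023-38386', 'versionEndExcluding' => '3.6.26'],
    ['id' => 'CVE-2024-39628', 'versionEndExcluding' => '3.8.7'],
];

// Normalise so version_compare() treats "3.5" and "3.5.0" alike and ignores
// a trailing "-beta"/"-rc" suffix on the last component.
function nf_normalise_version(string $v): string {
    $parts = array_map('intval', explode('.', trim($v)));
    while (count($parts) < 3) {
        $parts[] = 0;
    }
    return implode('.', $parts);
}

// True when $installed satisfies one cpeMatch entry.
function nf_matches(array $entry, string $installed): bool {
    $v = nf_normalise_version($installed);
    if (isset($entry['versionExact'])) {
        return version_compare($v, nf_normalise_version($entry['versionExact']), '==');
    }
    if (isset($entry['versionEndIncluding'])) {
        return version_compare($v, nf_normalise_version($entry['versionEndIncluding']), '<=');
    }
    if (isset($entry['versionEndExcluding'])) {
        return version_compare($v, nf_normalise_version($entry['versionEndExcluding']), '<');
    }
    return false; // an entry with no bound would match everything; refuse instead
}

// CVE ids from the table whose range contains $installed.
function nf_affected_by(string $installed, array $matches = NF_CPE_MATCHES): array {
    $hits = [];
    foreach ($matches as $entry) {
        if (nf_matches($entry, $installed)) {
            $hits[] = $entry['id'];
        }
    }
    return $hits;
}

// Usage: php nf_check.php 3.5.7
$installed = $argv[1] ?? '3.5.7';
printf(
    "Ninja Forms %s is affected by: %s\n",
    $installed,
    implode(', ', nf_affected_by($installed)) ?: 'none of the listed CVEs'
);
```

Run with the version string from the plugin header (`Version:` in ninja-forms.php) or from `wp plugin list`; for 3.5.7 the output lists CVE-2021-34647, CVE-2021-34648, CVE-2021-25066, CVE-2023-1835, CVE-2023-38386 and CVE-2024-39628. The table is deliberately the page's own data; a production check should pull the cpeMatch entries from the NVD feed rather than a hand-copied list.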
Vulnerability from fkie_nvd
Published
2024-06-19 13:15
Modified
2025-04-07 17:55
Severity
7.6 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L (Patchstack)
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (NVD)
The two vectors disagree on privileges: the Patchstack advisory referenced below describes the issue as contributor-level broken access control, which matches PR:L rather than NVD's PR:N.
Summary
Missing Authorization vulnerability in Saturday Drive Ninja Forms. This issue affects Ninja Forms: from n/a through 3.6.25.
References
Source | URL | Tags
---|---|---
audit@patchstack.com | https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-contributor-broken-access-control-vulnerability?_s_id=cve | Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | < 3.6.26 (versionEndExcluding, i.e. through 3.6.25)
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "CD598414-0E33-4984-84D8-92A633BAD957", versionEndExcluding: "3.6.26", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25.", }, { lang: "es", value: "Vulnerabilidad de autorización faltante en Saturday Drive Ninja Forms. Este problema afecta a Ninja Forms: desde n/a hasta 3.6.25.", }, ], id: "CVE-2023-38386", lastModified: "2025-04-07T17:55:07.990", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4.7, source: "audit@patchstack.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-06-19T13:15:53.440", references: [ { source: "audit@patchstack.com", tags: [ "Third Party Advisory", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-contributor-broken-access-control-vulnerability?_s_id=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: 
"https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-contributor-broken-access-control-vulnerability?_s_id=cve", }, ], sourceIdentifier: "audit@patchstack.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-862", }, ], source: "audit@patchstack.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-22 18:15
Modified
2024-11-21 06:10
Severity
6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N (Wordfence)
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N (NVD)
Summary
The Ninja Forms WordPress plugin is vulnerable to arbitrary email sending via the trigger_email_action function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5.7. This allows authenticated attackers to send arbitrary emails from the affected server via the /ninja-forms-submissions/email-action REST API which can be used to socially engineer victims.
References
Source | URL | Tags
---|---|---
security@wordfence.com | https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/Submissions.php?rev=2543837#L155 | Patch, Third Party Advisory
security@wordfence.com | https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninja-forms-plugin-affects-over-1-million-site-owners/ | Exploit, Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | <= 3.5.7 (versionEndIncluding)
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "E923EB35-C3B2-4F95-8E70-D2A5ADAD33BC", versionEndIncluding: "3.5.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms WordPress plugin is vulnerable to arbitrary email sending via the trigger_email_action function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5.7. This allows authenticated attackers to send arbitrary emails from the affected server via the /ninja-forms-submissions/email-action REST API which can be used to socially engineer victims.", }, { lang: "es", value: "El plugin Ninja Forms de WordPress es vulnerable al envío de correos electrónicos arbitrarios por medio de la función trigger_email_action que se encuentra en el archivo ~/includes/Routes/Submissions.php, en versiones hasta la 3.5.7 inclusive. Esto permite a atacantes autenticados enviar correos electrónicos arbitrarios desde el servidor afectado por medio de la API REST /ninja-forms-submissions/email-action, que puede ser usada para llevar a cabo ingeniería social a las víctimas", }, ], id: "CVE-2021-34648", lastModified: "2024-11-21T06:10:53.360", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: 
"LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 2.7, source: "security@wordfence.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-22T18:15:11.990", references: [ { source: "security@wordfence.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/Submissions.php?rev=2543837#L155", }, { source: "security@wordfence.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninja-forms-plugin-affects-over-1-million-site-owners/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/Submissions.php?rev=2543837#L155", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninja-forms-plugin-affects-over-1-million-site-owners/", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-863", }, ], source: "security@wordfence.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-08-26 21:15
Modified
2024-10-20 12:15
Severity
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L (Patchstack)
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (NVD)
Summary
Cross-Site Request Forgery (CSRF) vulnerability in Saturday Drive Ninja Forms allows Cross Site Request Forgery. This issue affects Ninja Forms: from n/a through 3.8.6.
References
Source | URL | Tags
---|---|---
audit@patchstack.com | https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-8-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | < 3.8.7 (versionEndExcluding, i.e. through 3.8.6)
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "0D048C93-62B6-4AC0-A8E4-668736E658C6", versionEndExcluding: "3.8.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cross-Site Request Forgery (CSRF) vulnerability in Saturday Drive Ninja Forms allows Cross Site Request Forgery.This issue affects Ninja Forms: from n/a through 3.8.6.", }, { lang: "es", value: "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Saturday Drive Ninja Forms. Este problema afecta a Ninja Forms: desde n/a hasta 3.8.6.", }, ], id: "CVE-2024-39628", lastModified: "2024-10-20T12:15:03.160", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "audit@patchstack.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-08-26T21:15:23.430", references: [ { source: "audit@patchstack.com", tags: [ "Third Party Advisory", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-8-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", }, ], sourceIdentifier: "audit@patchstack.com", vulnStatus: "Modified", weaknesses: 
[ { description: [ { lang: "en", value: "CWE-352", }, ], source: "audit@patchstack.com", type: "Primary", }, ], }
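CVE-2021-34647 and CVE-2021-34648 above sit in the same file (~/includes/Routes/Submissions.php) and are both reachable by any authenticated user, which is the signature of a REST route whose permission_callback proves that the caller is logged in but not that the caller is allowed (CWE-862/863; CVE-2023-38386 is the same weakness class). CVE-2024-39628 is the other half of the same discipline: a state-changing admin action that accepts a browser-driven request without a nonce (CWE-352). The block below is an added example, not Ninja Forms code. The namespace, route, action, option and function names are illustrative, and manage_options is an assumption about which capability the plugin's own admin screens require; it runs inside WordPress, where register_rest_route, current_user_can, wp_nonce_field and check_admin_referer are core APIs.

```php
<?php
// Added example, not Ninja Forms code. Two checks a WordPress plugin endpoint needs:
//  (a) authorization: a REST route must prove a capability, not just a login
//      (CWE-862/863 as in CVE-2021-34647 / CVE-2021-34648 / CVE-2023-38386);
//  (b) CSRF protection: a browser-driven state change must carry a nonce bound to the
//      user and the action, on top of the capability check (CWE-352 as in CVE-2024-39628).
// Namespace, route, action and function names are illustrative; manage_options is an
// assumption about which capability the plugin's admin screens require. Runs inside WordPress.

// ---------- (a) REST route: weak vs hardened permission_callback ----------
add_action('rest_api_init', function () {
    // WEAK: any logged-in account, Subscriber included, can export every submission.
    register_rest_route('example-forms/v1', '/submissions/export', [
        'methods'             => WP_REST_Server::READABLE,
        'callback'            => 'example_export_submissions',
        'permission_callback' => 'is_user_logged_in',   // authentication is not authorization
    ]);

    // HARDENED: require the capability, and validate/sanitise the argument.
    register_rest_route('example-forms/v1', '/submissions/export-secure', [
        'methods'             => WP_REST_Server::READABLE,
        'callback'            => 'example_export_submissions',
        'permission_callback' => function () {
            if (!current_user_can('manage_options')) {
                // WP_Error with status 403: a clear refusal rather than an empty 200.
                return new WP_Error('rest_forbidden', 'Insufficient privileges.', ['status' => 403]);
            }
            return true;
        },
        'args' => [
            'form_id' => [
                'required'          => true,
                'validate_callback' => fn($v) => is_numeric($v) && (int) $v > 0,
                'sanitize_callback' => 'absint',
            ],
        ],
    ]);
});

function example_export_submissions(WP_REST_Request $request) {
    $form_id = (int) $request->get_param('form_id');
    // ... load submissions for $form_id ...
    return rest_ensure_response(['form_id' => $form_id, 'rows' => []]);
}

// ---------- (b) admin-post action: nonce + capability ----------
// Render the form with a nonce tied to this action and this form id.
function example_render_delete_form(int $form_id): void {
    ?>
    <form method="post" action="<?php echo esc_url(admin_url('admin-post.php')); ?>">
        <input type="hidden" name="action" value="example_delete_form">
        <input type="hidden" name="form_id" value="<?php echo esc_attr((string) $form_id); ?>">
        <?php wp_nonce_field('example_delete_form_' . $form_id, '_example_nonce'); ?>
        <button type="submit">Delete form</button>
    </form>
    <?php
}

// VULNERABLE handler: a cross-site POST auto-submitted from an attacker's page succeeds
// whenever an administrator's browser still holds a WordPress session cookie.
function example_delete_form_unsafe(): void {
    example_do_delete((int) ($_POST['form_id'] ?? 0));
    wp_safe_redirect(admin_url('admin.php?page=example-forms'));
    exit;
}

// HARDENED handler. check_admin_referer() verifies the nonce and dies on failure;
// the capability check is still needed because a nonce proves origin, not rights.
function example_delete_form_safe(): void {
    $form_id = (int) ($_POST['form_id'] ?? 0);
    check_admin_referer('example_delete_form_' . $form_id, '_example_nonce');
    if (!current_user_can('manage_options')) {
        wp_die('Insufficient privileges.', 403);
    }
    example_do_delete($form_id);
    wp_safe_redirect(admin_url('admin.php?page=example-forms'));
    exit;
}
add_action('admin_post_example_delete_form', 'example_delete_form_safe');

function example_do_delete(int $form_id): void {
    // ... delete the form and its submissions ...
}
```

A quick audit of any plugin follows the same two lines: grep for register_rest_route and read every permission_callback (a value of `__return_true`, `is_user_logged_in`, or no callback at all deserves a look), then for each admin-ajax or admin-post handler look for a check_ajax_referer/check_admin_referer next to a current_user_can. The export route in this example should answer a Subscriber's request with 403, not an empty 200. Cookie-authenticated REST requests must also carry a valid X-WP-Nonce header, which is why a plugin route cannot lean on the login session alone for either check.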
Vulnerability from fkie_nvd
Published
2019-08-22 13:15
Modified
2024-11-21 04:02
Severity
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N (NVD)
5.0 (Medium) - CVSS 2.0 AV:N/AC:L/Au:N/C:N/I:P/A:N (NVD)
Summary
The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering.
References
Source | URL | Tags
---|---|---
cve@mitre.org | https://wordpress.org/plugins/ninja-forms/#developers | Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/ninja-forms/#developers | Release Notes, Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | < 3.2.15 (versionEndExcluding)
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "B7552322-6CBD-4E3C-A3AE-1205DC63C53C", versionEndExcluding: "3.2.15", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering.", }, { lang: "es", value: "El plugin ninja-forms versiones anteriores a 3.2.15 para WordPress, presenta una manipulación de parámetros.", }, ], id: "CVE-2018-20980", lastModified: "2024-11-21T04:02:37.000", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-22T13:15:12.607", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: 
"Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-15 13:15
Modified
2025-01-14 19:15
Severity
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N (NVD; the secondary source in the record assigns the same vector)
Summary
The Ninja Forms Contact Form WordPress plugin before 3.6.22 does not properly escape user input before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
References
Source | URL | Tags
---|---|---
contact@wpscan.com | https://wpscan.com/vulnerability/b5fc223c-5ec0-44b2-b2f6-b35f9942d341 | Exploit
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | < 3.6.22 (versionEndExcluding)
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "A483DE71-11CB-429C-997D-9476653F86C3", versionEndExcluding: "3.6.22", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form WordPress plugin before 3.6.22 does not properly escape user input before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin", }, ], id: "CVE-2023-1835", lastModified: "2025-01-14T19:15:28.817", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-05-15T13:15:10.463", references: [ { source: "contact@wpscan.com", tags: [ "Exploit", ], url: "https://wpscan.com/vulnerability/b5fc223c-5ec0-44b2-b2f6-b35f9942d341", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://wpscan.com/vulnerability/b5fc223c-5ec0-44b2-b2f6-b35f9942d341", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", }
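The XSS entries on this page fall into two halves of one discipline. On the output side, a submitted field value echoed by an AJAX handler (CVE-2015-2220), submission values rendered in the submissions table (CVE-2020-36173, filed as CWE-116 because the escaping step is what is missing) and a request parameter reflected into an admin page (CVE-2023-1835) are all fixed by escaping for the exact output context. On the save side, the stored-settings cases further down (CVE-2020-8594, and CVE-2021-25056/25066 with their "even when the unfiltered_html capability is disallowed" wording) are fixed by sanitising by type and respecting that capability, since WordPress only lets a high-privilege user store raw markup when unfiltered_html is granted. The block below is an added example, not Ninja Forms code; option, parameter and script-handle names are illustrative, and it runs inside WordPress.

```php
<?php
// Added example, not Ninja Forms code. Save-side and output-side handling whose absence
// produced the XSS entries on this page. Option, parameter and handle names are
// illustrative. Runs inside WordPress (esc_*, wp_kses_post, current_user_can are core APIs).

// ---------- Save path: sanitise by type, and honour unfiltered_html ----------
// Even an administrator must not store markup when the site disallows the
// unfiltered_html capability (DISALLOW_UNFILTERED_HTML, or non-super-admins on
// multisite). wp_kses_post() keeps only post-safe markup; plain settings get
// sanitize_text_field(), which strips tags outright.
function example_save_settings(array $raw): array {
    $clean = [];
    $clean['recaptcha_site_key'] = sanitize_text_field($raw['recaptcha_site_key'] ?? '');
    $clean['date_format']        = sanitize_text_field($raw['date_format'] ?? '');
    $label = (string) ($raw['field_label'] ?? '');   // a value that may legitimately carry markup
    $clean['field_label'] = current_user_can('unfiltered_html') ? $label : wp_kses_post($label);
    return $clean;
}

// ---------- Output path: escape for the exact context, every time ----------
function example_render_submissions_table(array $rows): string {
    $html = '<table class="widefat"><tr><th>ID</th><th>Value</th><th>Link</th></tr>';
    foreach ($rows as $row) {
        $html .= sprintf(
            '<tr><td>%d</td><td>%s</td><td><a href="%s" title="%s">open</a></td></tr>',
            (int) $row['id'],
            esc_html($row['value']),   // HTML body: <script> becomes &lt;script&gt;
            esc_url($row['link']),     // URL: javascript: and other disallowed schemes are dropped
            esc_attr($row['value'])    // attribute: quotes become &quot;
        );
    }
    return $html . '</table>';
}

// Reflected case: a request parameter echoed back into an admin page.
function example_render_search_header(): string {
    $term = isset($_GET['s']) ? (string) wp_unslash($_GET['s']) : '';
    // VULNERABLE: return '<h2>Results for ' . $term . '</h2>';
    // sanitize_text_field() on input would strip tags but leave quotes, so it is not
    // enough inside an attribute; escaping for the output context is the control that holds.
    return '<h2>Results for ' . esc_html($term) . '</h2>';
}

// Inline script context: never concatenate a setting into JavaScript; hand it over as JSON.
function example_enqueue_admin_settings(array $settings): void {
    wp_add_inline_script(
        'example-admin',
        'var exampleSettings = ' . wp_json_encode($settings) . ';',
        'before'
    );
}
```

The check that catches this class in review is mechanical: every `echo`, `printf` or string concatenation that lands in HTML must wrap the value in the esc_* function matching its context (esc_html for text nodes, esc_attr for attribute values, esc_url for href/src, wp_json_encode for script data), regardless of how the value was sanitised when it was stored.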
Vulnerability from fkie_nvd
Published
2019-08-22 13:15
Modified
2024-11-21 04:02
Severity
9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N (NVD)
6.4 (Medium) - CVSS 2.0 AV:N/AC:L/Au:N/C:P/I:P/A:N (NVD)
Summary
The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests.
References
Source | URL | Tags
---|---|---
cve@mitre.org | https://wordpress.org/plugins/ninja-forms/#developers | Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/ninja-forms/#developers | Release Notes, Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | < 3.3.9 (versionEndExcluding)
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "B86F80D8-E034-4B59-986F-EDAEB05CBA3B", versionEndExcluding: "3.3.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests.", }, { lang: "es", value: "El plugin ninja-forms versiones anteriores a 3.3.9 para WordPress, presenta restricciones insuficientes sobre la recuperación de datos de envío durante las peticiones de Exportación de Datos Personales.", }, ], id: "CVE-2018-20981", lastModified: "2024-11-21T04:02:37.130", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-22T13:15:12.670", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { source: 
"af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-14 20:15
Modified
2024-11-21 05:39
Severity
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N (NVD)
3.5 (Low) - CVSS 2.0 AV:N/AC:M/Au:S/C:N/I:P/A:N (NVD)
Summary
The Ninja Forms plugin 3.4.22 for WordPress has multiple stored XSS vulnerabilities via ninja_forms[recaptcha_site_key], ninja_forms[recaptcha_secret_key], ninja_forms[recaptcha_lang], or ninja_forms[date_format].
References
Source | URL | Tags
---|---|---
cve@mitre.org | https://spider-security.co.uk/blog-cve-cve-2020-8594 | Exploit, Third Party Advisory
cve@mitre.org | https://wordpress.org/plugins/ninja-forms/#developers | Vendor Advisory
cve@mitre.org | https://wpvulndb.com/vulnerabilities/10070 | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://spider-security.co.uk/blog-cve-cve-2020-8594 | Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/ninja-forms/#developers | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://wpvulndb.com/vulnerabilities/10070 | Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | 3.4.22 (the CPE match names this single version)
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:3.4.22:*:*:*:*:wordpress:*:*", matchCriteriaId: "B93301AE-4636-4246-ACA9-07B6D5573FC8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms plugin 3.4.22 for WordPress has Multiple Stored XSS vulnerabilities via ninja_forms[recaptcha_site_key], ninja_forms[recaptcha_secret_key], ninja_forms[recaptcha_lang], or ninja_forms[date_format].", }, { lang: "es", value: "El plugin Ninja Forms versión 3.4.22 para WordPress, presenta múltiples vulnerabilidades de tipo XSS almacenado por medio del parámetro ninja_forms[recaptcha_site_key], ninja_forms[recaptcha_secret_key], ninja_forms[recaptcha_lang] o ninja_forms[date_format].", }, ], id: "CVE-2020-8594", lastModified: "2024-11-21T05:39:05.550", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-14T20:15:09.980", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: 
"https://spider-security.co.uk/blog-cve-cve-2020-8594", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://wpvulndb.com/vulnerabilities/10070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://spider-security.co.uk/blog-cve-cve-2020-8594", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://wpvulndb.com/vulnerabilities/10070", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-07-04 13:15
Modified
2024-11-21 05:54
Severity
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N (NVD)
3.5 (Low) - CVSS 2.0 AV:N/AC:M/Au:S/C:N/I:P/A:N (NVD)
Summary
The Ninja Forms Contact Form WordPress plugin before 3.6.10 does not sanitize and escape some imported data, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
References
Source | URL | Tags
---|---|---
contact@wpscan.com | https://wpscan.com/vulnerability/323d5fd0-abe8-44ef-9127-eea6fd4f3f3d | Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/323d5fd0-abe8-44ef-9127-eea6fd4f3f3d | Exploit, Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | < 3.6.10 (versionEndExcluding)
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "FA58AF63-19E1-4D31-8462-5A68C644A9B1", versionEndExcluding: "3.6.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form WordPress plugin before 3.6.10 does not sanitize and escape some imported data, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.", }, { lang: "es", value: "El plugin Ninja Forms Contact Form de WordPress versiones anteriores a 3.6.10, no sanea ni escapa de algunos datos importados, lo que permite a usuarios con altos privilegios llevar a cabo ataques de tipo Cross-Site Scripting incluso cuando la capacidad unfiltered_html está deshabilitada", }, ], id: "CVE-2021-25066", lastModified: "2024-11-21T05:54:17.163", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-07-04T13:15:08.497", references: [ { source: 
"contact@wpscan.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/323d5fd0-abe8-44ef-9127-eea6fd4f3f3d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/323d5fd0-abe8-44ef-9127-eea6fd4f3f3d", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "contact@wpscan.com", type: "Primary", }, ], }
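The two stored-XSS records above (settings values such as ninja_forms[recaptcha_site_key] in CVE-2020-8594, and imported data in CVE-2021-25066) share one root cause: plugin-owned values are stored without sanitisation and echoed without escaping, so the site's unfiltered_html policy is never consulted. WordPress core only applies its kses filters for users lacking unfiltered_html to content saved through core paths (post content, comments); values a plugin writes with update_option() are not filtered, so the plugin must enforce the capability itself. The following is an added example written for this page, not Ninja Forms code; it assumes WordPress is loaded, and the option name, settings keys and nonce action are hypothetical.

```php
<?php
/**
 * Added example (not Ninja Forms code): saving and rendering plugin
 * settings such as reCAPTCHA keys, a date format and a field label.
 * Assumes WordPress is loaded. Option name, keys and nonce action are
 * hypothetical.
 */

// VULNERABLE: stored raw, echoed raw. Any administrator, including one on a
// site with DISALLOW_UNFILTERED_HTML, can persist <script> here and it runs
// in every other administrator's browser.
function demo_save_settings_vulnerable() {
    update_option('demo_settings', (array) $_POST['demo_settings']);
}
function demo_render_settings_vulnerable(array $s) {
    echo '<input name="demo_settings[recaptcha_site_key]" value="' . $s['recaptcha_site_key'] . '">';
    echo '<label>' . $s['field_label'] . '</label>';
}

// HARDENED: sanitise on save according to what each field may contain,
// gate markup on unfiltered_html, escape on output for the HTML context.
function demo_sanitize_settings(array $raw) {
    $clean = array();
    // Keys, language code, date format: plain text, never markup.
    foreach (array('recaptcha_site_key', 'recaptcha_secret_key', 'recaptcha_lang', 'date_format') as $key) {
        $clean[$key] = isset($raw[$key]) ? sanitize_text_field(wp_unslash($raw[$key])) : '';
    }
    // A label may legitimately carry inline markup. Users who hold
    // unfiltered_html keep it verbatim (core's model for post content);
    // everyone else is reduced to the post-safe allow-list, which drops
    // <script>, on* handlers and javascript: URLs.
    $label = isset($raw['field_label']) ? wp_unslash($raw['field_label']) : '';
    $clean['field_label'] = current_user_can('unfiltered_html') ? $label : wp_kses_post($label);
    return $clean;
}

function demo_save_settings_hardened() {
    if (!current_user_can('manage_options')) {
        wp_die('Insufficient permissions', 403);
    }
    check_admin_referer('demo_save_settings');   // matches wp_nonce_field('demo_save_settings') in the form
    $raw = isset($_POST['demo_settings']) ? (array) $_POST['demo_settings'] : array();
    update_option('demo_settings', demo_sanitize_settings($raw));
}

function demo_render_settings_hardened(array $s) {
    // Attribute context.
    printf(
        '<input type="text" name="demo_settings[recaptcha_site_key]" value="%s">',
        esc_attr($s['recaptcha_site_key'])
    );
    // Text context.
    printf('<p>Date format: %s</p>', esc_html($s['date_format']));
    // The markup-capable field was filtered at save time for untrusted users;
    // filtering again at render time is a deliberate extra layer that also
    // covers values stored before the save-time check existed.
    printf('<label>%s</label>', wp_kses_post($s['field_label']));
}

// Import path (the CVE-2021-25066 case): data read from an uploaded file is
// exactly as untrusted as POST data and goes through the same sanitiser.
function demo_import_settings_hardened(string $json) {
    $decoded = json_decode($json, true);
    if (!is_array($decoded)) {
        return false;
    }
    update_option('demo_settings', demo_sanitize_settings($decoded));
    return true;
}
```

Rendering the label through wp_kses_post() a second time means a user who does hold unfiltered_html also loses raw script in labels; since a form label never needs script, that is the intended trade-off. If a field genuinely must carry raw markup for trusted users, echo the stored value there and rely on the save-time capability gate alone.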
Vulnerability from fkie_nvd
Published
2023-12-07 12:15
Modified
2024-11-21 08:08
Severity
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L (audit@patchstack.com, nvd@nist.gov)
Summary
Uncontrolled Resource Consumption vulnerability in Saturday Drive Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress leading to DoS. This issue affects Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress: from n/a through 3.6.25.
References
Source | URL | Tags
---|---|---
audit@patchstack.com | https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-denial-of-service-attack-vulnerability?_s_id=cve | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-denial-of-service-attack-vulnerability?_s_id=cve | Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "CD598414-0E33-4984-84D8-92A633BAD957", versionEndExcluding: "3.6.26", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Uncontrolled Resource Consumption vulnerability in Saturday Drive Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress leading to DoS.This issue affects Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress: from n/a through 3.6.25.\n\n", }, { lang: "es", value: "Vulnerabilidad de consumo de recursos incontrolado en Saturday Drive Ninja Forms Contact Form – The Drag and Drop Form Builder para WordPress que conduce a DoS. Este problema afecta a Ninja Forms Contact Form – The Drag and Drop Form Builder para WordPress: desde n/a hasta 3.6.25.", }, ], id: "CVE-2023-35909", lastModified: "2024-11-21T08:08:57.783", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "audit@patchstack.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-07T12:15:07.610", references: [ { source: "audit@patchstack.com", tags: [ "Third Party Advisory", ], 
url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-denial-of-service-attack-vulnerability?_s_id=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-denial-of-service-attack-vulnerability?_s_id=cve", }, ], sourceIdentifier: "audit@patchstack.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "audit@patchstack.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-03-29 07:15
Modified
2025-01-23 19:15
Severity
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N (security@wordfence.com, nvd@nist.gov)
Summary
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.0. This is due to missing or incorrect nonce validation on the nf_download_all_subs AJAX action. This makes it possible for unauthenticated attackers to trigger an export of a form's submissions to a publicly accessible location via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
References
Source | URL | Tags
---|---|---
security@wordfence.com | https://plugins.trac.wordpress.org/changeset/3059780/ninja-forms/trunk/includes/Admin/CPT/DownloadAllSubmissions.php | Patch
security@wordfence.com | https://www.wordfence.com/threat-intel/vulnerabilities/id/3ebfc9f5-abb7-47bc-bd38-f60df1cccb5d?source=cve | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://plugins.trac.wordpress.org/changeset/3059780/ninja-forms/trunk/includes/Admin/CPT/DownloadAllSubmissions.php | Patch
af854a3a-2127-422b-91ae-364da2661108 | https://www.wordfence.com/threat-intel/vulnerabilities/id/3ebfc9f5-abb7-47bc-bd38-f60df1cccb5d?source=cve | Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "504BEA08-652A-4175-9CE6-CAB552E601E4", versionEndExcluding: "3.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.0. This is due to missing or incorrect nonce validation on the nf_download_all_subs AJAX action. This makes it possible for unauthenticated attackers to trigger an export of a form's submission to a publicly accessible location via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.", }, { lang: "es", value: "El complemento Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress de WordPress es vulnerable a la Cross-Site Request Forgery en todas las versiones hasta la 3.8.0 incluida. Esto se debe a una validación nonce faltante o incorrecta en la acción AJAX nf_download_all_subs. 
Esto hace posible que atacantes no autenticados activen una exportación del envío de un formulario a una ubicación de acceso público a través de una solicitud falsificada, siempre que puedan engañar a un administrador del sitio para que realice una acción como hacer clic en un enlace.", }, ], id: "CVE-2024-2113", lastModified: "2025-01-23T19:15:23.377", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "security@wordfence.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-03-29T07:15:43.957", references: [ { source: "security@wordfence.com", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset/3059780/ninja-forms/trunk/includes/Admin/CPT/DownloadAllSubmissions.php", }, { source: "security@wordfence.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/3ebfc9f5-abb7-47bc-bd38-f60df1cccb5d?source=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset/3059780/ninja-forms/trunk/includes/Admin/CPT/DownloadAllSubmissions.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: 
"https://www.wordfence.com/threat-intel/vulnerabilities/id/3ebfc9f5-abb7-47bc-bd38-f60df1cccb5d?source=cve", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-05 19:15
Modified
2024-11-21 05:52
Severity
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N (nvd@nist.gov)
Summary
In the Ninja Forms Contact Form WordPress plugin before 3.4.34.1, low-level users, such as subscribers, were able to trigger the action wp_ajax_nf_oauth and retrieve the connection URL needed to establish a connection. They could also retrieve the client_id for an already established OAuth connection.
References
Source | URL | Tags
---|---|---
contact@wpscan.com | https://wpscan.com/vulnerability/dfa32afa-c6de-4237-a9f2-709843dcda89 | Exploit, Third Party Advisory
contact@wpscan.com | https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/ | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/dfa32afa-c6de-4237-a9f2-709843dcda89 | Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/ | Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "403E074F-25B4-413A-B38C-20754E72EEC6", versionEndExcluding: "3.4.34.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In the Ninja Forms Contact Form WordPress plugin before 3.4.34.1, low-level users, such as subscribers, were able to trigger the action, wp_ajax_nf_oauth, and retrieve the connection url needed to establish a connection. They could also retrieve the client_id for an already established OAuth connection.", }, { lang: "es", value: "En el plugin de WordPress Ninja Forms Contact Form versiones anteriores a 3.4.34.1, los usuarios de bajo nivel, como los suscriptores, podían desencadenar la acción, wp_ajax_nf_oauth, y recuperar la URL de conexión necesaria para establecer una conexión. También podrían recuperar el client_id para una conexión OAuth ya establecida", }, ], id: "CVE-2021-24164", lastModified: "2024-11-21T05:52:30.143", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: 
"nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-05T19:15:15.377", references: [ { source: "contact@wpscan.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/dfa32afa-c6de-4237-a9f2-709843dcda89", }, { source: "contact@wpscan.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/dfa32afa-c6de-4237-a9f2-709843dcda89", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "contact@wpscan.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
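CVE-2024-2113 (missing nonce validation on the nf_download_all_subs AJAX action) and CVE-2021-24164 (wp_ajax_nf_oauth reachable by subscribers) are the two halves of the same admin-ajax.php checklist: a nonce proves the request originated from a page rendered for this user, a capability check proves the user is allowed to do this at all, and neither substitutes for the other. The handler below is an added example written for this page, not Ninja Forms code. It assumes WordPress is loaded; the action name, nonce action string, script handle and the export helper are hypothetical.

```php
<?php
/**
 * Added example (not Ninja Forms code): an admin-ajax.php handler that
 * exports a form's submissions, shown without and with the two checks.
 * Assumes WordPress is loaded. Action name, nonce action, script handle
 * and the export helper are hypothetical.
 */

// VULNERABLE shape: no nonce, no capability check. Any logged-in user can
// call it directly (CVE-2021-24164 pattern), and an administrator can be made
// to call it by visiting a page that submits the request on their behalf
// (CVE-2024-2113 pattern).
function demo_export_subs_vulnerable() {
    $form_id = (int) $_REQUEST['form_id'];
    $path = demo_write_export($form_id);
    wp_send_json_success(array('url' => $path));     // also leaks a server path
}
// add_action('wp_ajax_demo_export_subs', 'demo_export_subs_vulnerable');   // never hook this

// HARDENED: nonce + capability + input validation + minimal response.
// Subscribers can obtain nonces for any action whose page they can load,
// so the nonce alone does not authorise; the capability alone does not
// stop a forged cross-site request that rides on the admin's cookies.
function demo_export_subs_hardened() {
    check_ajax_referer('demo_export_subs', 'nonce');      // wp_die(-1, 403) on mismatch

    if (!current_user_can('manage_options')) {
        wp_send_json_error(array('message' => 'forbidden'), 403);
    }

    $form_id = isset($_POST['form_id']) ? absint($_POST['form_id']) : 0;
    if ($form_id === 0) {
        wp_send_json_error(array('message' => 'invalid form id'), 400);
    }

    $path = demo_write_export($form_id);
    // Return an opaque identifier, not a filesystem path or upload URL; the
    // download itself goes through another capability-checked endpoint.
    wp_send_json_success(array('export_id' => basename($path)));
}
add_action('wp_ajax_demo_export_subs', 'demo_export_subs_hardened');
// Deliberately no wp_ajax_nopriv_ registration: unauthenticated callers get
// core's "0" response and never reach the handler.

// The nonce is minted server-side and handed to the admin page's script.
// The 'demo-admin' script handle is assumed to be registered elsewhere.
function demo_enqueue_export_script() {
    wp_localize_script('demo-admin', 'demoExport', array(
        'ajaxUrl' => admin_url('admin-ajax.php'),
        'nonce'   => wp_create_nonce('demo_export_subs'),
    ));
}
add_action('admin_enqueue_scripts', 'demo_enqueue_export_script');

// Hypothetical export helper: writes a CSV with an unguessable name into a
// directory outside the web root instead of a publicly reachable location.
function demo_write_export($form_id) {
    $dir = rtrim(sys_get_temp_dir(), '/') . '/demo-exports';
    if (!is_dir($dir)) {
        mkdir($dir, 0700, true);
    }
    $path = $dir . '/form-' . $form_id . '-' . wp_generate_password(16, false) . '.csv';
    file_put_contents($path, "form_id,exported_at\n" . $form_id . ',' . gmdate('c') . "\n");
    return $path;
}
```

A quick audit check for any plugin: grep for add_action('wp_ajax_ and add_action('wp_ajax_nopriv_ and confirm that every callback reaches check_ajax_referer() (or wp_verify_nonce()) and a current_user_can() test before it touches state or returns anything a low-privilege user should not see, such as the OAuth connection URL and client_id in CVE-2021-24164.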
Vulnerability from fkie_nvd
Published
2024-09-25 07:15
Modified
2024-10-02 18:26
Severity
4.7 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N (security@wordfence.com)
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N (nvd@nist.gov)
Summary
The Ninja Forms Contact Form plugin for WordPress is vulnerable to Reflected Self-Based Cross-Site Scripting via the 'Referer' header in all versions up to, and including, 3.8.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Successful exploitation of this vulnerability requires "maintenance mode" for a targeted form to be enabled. However, there is no setting available to the attacker or even an administrator-level user to enable this mode. The mode is only enabled during a required update, which is a very short window of time. Additionally, because of the self-based nature of this vulnerability, attackers would have to rely on additional techniques to execute a supplied payload in the context of the targeted user.
References
Source | URL | Tags
---|---|---
security@wordfence.com | https://plugins.trac.wordpress.org/changeset/3153292/ninja-forms | Patch
security@wordfence.com | https://www.wordfence.com/threat-intel/vulnerabilities/id/f6d6b82d-574d-4a56-9aef-42343c4b7c43?source=cve | Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "B87AF47C-F282-49DF-AE34-E36093CB0A4D", versionEndExcluding: "3.8.16", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form plugin for WordPress is vulnerable to Reflected Self-Based Cross-Site Scripting via the 'Referer' header in all versions up to, and including, 3.8.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Successful exploitation of this vulnerability requires \"maintenance mode\" for a targeted form to be enabled. However, there is no setting available to the attacker or even an administrator-level user to enable this mode. The mode is only enabled during a required update, which is a very short window of time. Additionally, because of the self-based nature of this vulnerability, attackers would have to rely on additional techniques to execute a supplied payload in the context of targeted user.", }, { lang: "es", value: "El complemento Ninja Forms Contact Form para WordPress es vulnerable a Reflected Self-Based Cross-Site Scripting a través del encabezado \"Referer\" en todas las versiones hasta la 3.8.15 incluida, debido a una desinfección de entrada y un escape de salida insuficientes. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en páginas que se ejecutan si logran engañar a un usuario para que realice una acción, como hacer clic en un enlace. Para explotar con éxito esta vulnerabilidad, es necesario habilitar el \"modo de mantenimiento\" para un formulario específico. 
Sin embargo, no hay ninguna configuración disponible para el atacante o incluso para un usuario de nivel administrador para habilitar este modo. El modo solo se habilita durante una actualización requerida, que es un período de tiempo muy breve. Además, debido a la naturaleza basada en el auto-reflejo de esta vulnerabilidad, los atacantes tendrían que depender de técnicas adicionales para ejecutar un payload proporcionado en el contexto del usuario específico.", }, ], id: "CVE-2024-3866", lastModified: "2024-10-02T18:26:59.520", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 2.7, source: "security@wordfence.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-09-25T07:15:02.433", references: [ { source: "security@wordfence.com", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset/3153292/ninja-forms", }, { source: "security@wordfence.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/f6d6b82d-574d-4a56-9aef-42343c4b7c43?source=cve", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security@wordfence.com", type: 
"Primary", }, ], }
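The Referer header is request input like any other: the browser sets it, but a page the attacker controls (or a proxy, or a crafted fetch) decides what it contains, which is why the advisory above classifies this as self-based. The added example below, written for this page and not Ninja Forms code, shows the unsafe "go back" link on a maintenance-style page beside the hardened version that validates the destination and escapes it for the attribute context. It assumes WordPress is loaded.

```php
<?php
/**
 * Added example (not Ninja Forms code): rendering a link back to where the
 * visitor came from on a maintenance/notice page. Assumes WordPress is loaded.
 */

// VULNERABLE: the raw header is placed inside an href attribute.
function demo_back_link_vulnerable() {
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    echo '<a href="' . $referer . '">Go back</a>';
    // A Referer such as  "><img src=x onerror=alert(1)>  closes the attribute
    // and the tag; a javascript: URL would survive even if quotes were encoded.
}

// HARDENED: treat the header as untrusted, restrict where it may point, then
// escape for the attribute context.
function demo_back_link_hardened() {
    // wp_get_referer() returns false when the header is absent or points at
    // the current request, so the fallback below is always reachable.
    $referer = wp_get_referer();

    // Only allow same-site destinations (plus anything on the
    // allowed_redirect_hosts filter). This is the same check that keeps a
    // redirect from becoming an open redirect if this value is ever passed to
    // wp_redirect() later.
    $destination = $referer ? wp_validate_redirect($referer, home_url('/')) : home_url('/');

    // esc_url() rejects javascript:/data: and other non-allowed schemes and
    // encodes quotes and angle brackets, so the value cannot terminate the
    // attribute or start a new tag.
    printf('<a href="%s">Go back</a>', esc_url($destination));
}
```

Both steps matter: esc_url() alone would still let an attacker-chosen external site be linked, and wp_validate_redirect() alone does not encode the value for HTML. The same pair applies to any other place a plugin echoes the current URL or a query parameter into markup.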
Vulnerability from fkie_nvd
Published
2024-11-19 17:15
Modified
2025-01-23 17:12
Severity
5.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L (audit@patchstack.com)
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N (nvd@nist.gov)
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS. This issue affects Ninja Forms: from n/a through 3.8.16.
References
Source | URL | Tags
---|---|---
audit@patchstack.com | https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-the-contact-form-builder-that-grows-with-you-plugin-3-8-16-cross-site-scripting-xss-vulnerability?_s_id=cve | Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "8B17C44E-D0B7-42AF-8143-ED02EF411CAC", versionEndIncluding: "3.8.16", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a through 3.8.16.", }, { lang: "es", value: "La vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting') en Saturday Drive Ninja Forms permite XSS almacenado. Este problema afecta a Ninja Forms: desde n/a hasta 3.8.16.", }, ], id: "CVE-2024-50514", lastModified: "2025-01-23T17:12:18.010", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 3.7, source: "audit@patchstack.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-11-19T17:15:10.553", references: [ { source: "audit@patchstack.com", tags: [ "Third Party Advisory", ], url: 
"https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-the-contact-form-builder-that-grows-with-you-plugin-3-8-16-cross-site-scripting-xss-vulnerability?_s_id=cve", }, ], sourceIdentifier: "audit@patchstack.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "audit@patchstack.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-09-26 13:15
Modified
2024-11-21 07:01
Severity
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (nvd@nist.gov)
Summary
The Ninja Forms Contact Form WordPress plugin before 3.6.13 unserialises the content of an imported file, which could lead to PHP object injection when an admin imports (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.
References
Source | URL | Tags
---|---|---
contact@wpscan.com | https://wpscan.com/vulnerability/255b98ba-5da9-4424-a7e9-c438d8905864 | Exploit, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/255b98ba-5da9-4424-a7e9-c438d8905864 | Exploit, Patch, Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "E5207260-DBAE-4676-9626-3173864F07DB", versionEndExcluding: "3.6.13", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form WordPress plugin before 3.6.13 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.", }, { lang: "es", value: "El plugin Ninja Forms Contact Form de WordPress versiones anteriores a 3.6.13, no serializa el contenido de un archivo importado, lo que podría conllevar a problemas de inyecciones de objetos PHP cuando un administrador importa (intencionadamente o no) un archivo malicioso y una cadena de gadgets apropiada está presente en el blog.", }, ], id: "CVE-2022-2903", lastModified: "2024-11-21T07:01:54.100", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-09-26T13:15:10.513", references: [ { source: "contact@wpscan.com", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/255b98ba-5da9-4424-a7e9-c438d8905864", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/255b98ba-5da9-4424-a7e9-c438d8905864", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: 
"en", value: "CWE-502", }, ], source: "contact@wpscan.com", type: "Primary", }, ], }
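The phrase "a suitable gadget chain is present on the blog" is the important caveat in the record above: unserialize() itself does nothing dangerous, but it instantiates whatever class names the input asks for, and any loaded class with a magic method (__destruct, __wakeup, __toString) then runs attacker-chosen property values through its own logic. The following is an added, self-contained PHP 7.3+ example written for this page, not Ninja Forms code; the DemoCacheFile class and the serialized blob are constructed for the demonstration and stand in for whatever classes a real site happens to have loaded.

```php
<?php
/**
 * Added example, plain PHP 7.3+ (not Ninja Forms code): why unserialize()
 * on an imported file is an object-injection sink, and two safer readers.
 * The class and the payload below are constructed for this demonstration.
 */

// A class with a side effect in __destruct. Nothing here is malicious; it
// resembles ordinary cache/log classes. An attacker who can make
// unserialize() instantiate it picks $path and $data.
class DemoCacheFile
{
    public $path;
    public $data;
    public function __destruct()
    {
        // Runs when the object is freed, i.e. as soon as the value returned by
        // unserialize() goes out of scope.
        file_put_contents($this->path, $this->data);
    }
}

// VULNERABLE: the import trusts the file and lets PHP instantiate any class
// named in it.
function demo_import_vulnerable(string $blob)
{
    return unserialize($blob);
}

// HARDENED option 1: keep the serialize() format but forbid object
// instantiation. Any class in the blob becomes __PHP_Incomplete_Class and
// no magic methods run. (PHP 7.0+)
function demo_import_no_objects(string $blob)
{
    return unserialize($blob, ['allowed_classes' => false]);
}

// HARDENED option 2, preferred for new formats: JSON has no notion of
// classes. Decode, then validate the shape you expect.
function demo_import_json(string $blob): array
{
    $decoded = json_decode($blob, true, 32, JSON_THROW_ON_ERROR);
    if (!is_array($decoded) || !isset($decoded['fields']) || !is_array($decoded['fields'])) {
        throw new InvalidArgumentException('unexpected import structure');
    }
    return $decoded;
}

// ---- demonstration ---------------------------------------------------------
$target = sys_get_temp_dir() . '/demo-object-injection.txt';
@unlink($target);

// Constructed payload, built as a string the way an attacker would write it
// (creating a real object here would trigger __destruct on our own side).
$data = "written by a deserialized object\n";
$malicious = sprintf(
    'O:%d:"%s":2:{s:4:"path";s:%d:"%s";s:4:"data";s:%d:"%s";}',
    strlen('DemoCacheFile'), 'DemoCacheFile',
    strlen($target), $target,
    strlen($data), $data
);

demo_import_no_objects($malicious);
var_dump(file_exists($target));     // bool(false): nothing was instantiated

demo_import_vulnerable($malicious); // return value dropped -> destructor fires
var_dump(file_exists($target));     // bool(true): the side effect happened

@unlink($target);
```

Run it with the PHP CLI and the two var_dump() lines show the difference. When a format must stay in serialize() form for backward compatibility, pass a whitelist of concrete class names in allowed_classes rather than true, and note that a blob the import treats as trusted "because it came from our own export" is exactly the file an administrator can be talked into uploading.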
Vulnerability from fkie_nvd
Published
2024-02-02 05:15
Modified
2024-11-21 08:47
Severity
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N (security@wordfence.com)
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (nvd@nist.gov)
Summary
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Second Order SQL Injection via the email address value submitted through forms in all versions up to, and including, 3.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to inject SQL into their email address that is appended to the existing query when an administrator triggers a personal data export.
References
Source | URL | Tags
---|---|---
security@wordfence.com | https://plugins.trac.wordpress.org/changeset/3028929/ninja-forms/trunk/includes/Admin/UserDataRequests.php | Patch
security@wordfence.com | https://sec.stealthcopter.com/ninja-contact-forms/ |
security@wordfence.com | https://www.wordfence.com/threat-intel/vulnerabilities/id/3cb73d5d-ca4a-4103-866d-f7bb369a8ce4?source=cve | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://plugins.trac.wordpress.org/changeset/3028929/ninja-forms/trunk/includes/Admin/UserDataRequests.php | Patch
af854a3a-2127-422b-91ae-364da2661108 | https://sec.stealthcopter.com/ninja-contact-forms/ |
af854a3a-2127-422b-91ae-364da2661108 | https://www.wordfence.com/threat-intel/vulnerabilities/id/3cb73d5d-ca4a-4103-866d-f7bb369a8ce4?source=cve | Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "0FC02DB1-16BC-4D60-9B8D-EC7200DCAC32", versionEndIncluding: "3.7.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Second Order SQL Injection via the email address value submitted through forms in all versions up to, and including, 3.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to inject SQL in their email address that will append additional into the already existing query when an administrator triggers a personal data export.", }, { lang: "es", value: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress es vulnerable a la inyección SQL de segundo orden a través del valor de la dirección de correo electrónico enviado a través de formularios en todas las versiones hasta la 3.7.1 incluida debido a un escape insuficiente en el parámetro proporcionado por el usuario y falta de preparación suficiente en la consulta SQL existente. 
Esto hace posible que atacantes no autenticados inyecten SQL en su dirección de correo electrónico que agregará información adicional a la consulta ya existente cuando un administrador active una exportación de datos personales.", }, ], id: "CVE-2024-0685", lastModified: "2024-11-21T08:47:08.837", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "security@wordfence.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-02T05:15:08.603", references: [ { source: "security@wordfence.com", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset/3028929/ninja-forms/trunk/includes/Admin/UserDataRequests.php", }, { source: "security@wordfence.com", url: "https://sec.stealthcopter.com/ninja-contact-forms/", }, { source: "security@wordfence.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/3cb73d5d-ca4a-4103-866d-f7bb369a8ce4?source=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset/3028929/ninja-forms/trunk/includes/Admin/UserDataRequests.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: 
"https://sec.stealthcopter.com/ninja-contact-forms/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/3cb73d5d-ca4a-4103-866d-f7bb369a8ce4?source=cve", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-89", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
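"Second order" in the record above means the injection has two phases: an unauthenticated visitor stores a crafted email address through a form (safely, as far as that write is concerned), and the SQL executes later, when an administrator's personal-data export reads the stored value back and interpolates it into a new query because "it came from the database". The added example below is written for this page and is not Ninja Forms code; it assumes WordPress is loaded, and the submissions table and its columns are hypothetical.

```php
<?php
/**
 * Added example (not Ninja Forms code): the second-order SQL injection
 * pattern with $wpdb. Assumes WordPress is loaded; the table
 * {$wpdb->prefix}demo_submissions and its columns are hypothetical.
 */

// Phase 1 (attacker, unauthenticated): the form submission. $wpdb->insert()
// builds a prepared statement, so this write is not itself injectable; it
// just persists whatever string the visitor supplied.
function demo_store_submission($form_id, $email) {
    global $wpdb;
    $wpdb->insert(
        $wpdb->prefix . 'demo_submissions',
        array('form_id' => (int) $form_id, 'email' => $email),
        array('%d', '%s')
    );
}

// Phase 2 (administrator): export every submission tied to an address.

// VULNERABLE: the value is read from the database and concatenated into SQL.
// Constructed payload stored in phase 1:  x' OR 1=1 -- 
// resulting clause:  WHERE email = 'x' OR 1=1 -- '   -> every row is returned.
function demo_export_by_email_vulnerable($email) {
    global $wpdb;
    $sql = "SELECT * FROM {$wpdb->prefix}demo_submissions WHERE email = '" . $email . "'";
    return $wpdb->get_results($sql, ARRAY_A);
}

// HARDENED: prepare() wherever a value meets SQL, regardless of where the
// value came from. %s is quoted and escaped by $wpdb; the payload above
// becomes a literal string that matches nothing.
function demo_export_by_email_hardened($email) {
    global $wpdb;
    $sql = $wpdb->prepare(
        "SELECT * FROM {$wpdb->prefix}demo_submissions WHERE email = %s",
        $email
    );
    return $wpdb->get_results($sql, ARRAY_A);
}

// Boundary validation narrows the surface but is not the fix: RFC 5322 allows
// characters such as ' and # in the local part of an address, so a
// syntactically valid email can still carry SQL. Reject clearly bad input,
// then still prepare the query.
function demo_store_submission_validated($form_id, $email) {
    $email = sanitize_email($email);
    if ($email === '' || !is_email($email)) {
        return false;
    }
    demo_store_submission($form_id, $email);
    return true;
}
```

The audit question this raises for any plugin is not "is this input escaped on the way in?" but "is every SQL statement that later consumes it built with $wpdb->prepare() (or insert()/update()/delete(), which prepare internally)?". Values already in the database, in options, or in post meta get no special trust.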
Vulnerability from fkie_nvd
Published
2019-08-22 13:15
Modified
2024-11-21 03:20
Severity
6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N (nvd@nist.gov)
Summary
The ninja-forms plugin before 3.0.31 for WordPress has insufficient HTML escaping in the builder.
References
Source | URL | Tags
---|---|---
cve@mitre.org | https://wordpress.org/plugins/ninja-forms/#developers | Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/ninja-forms/#developers | Release Notes, Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "79FB5093-F01B-4ADE-8221-000235E6FA58", versionEndExcluding: "3.0.31", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The ninja-forms plugin before 3.0.31 for WordPress has insufficient HTML escaping in the builder.", }, { lang: "es", value: "El plugin ninja-forms versiones anteriores a 3.0.31 para WordPress, presenta un escape de HTML insuficiente en el builder.", }, ], id: "CVE-2017-18574", lastModified: "2024-11-21T03:20:26.080", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-22T13:15:12.387", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], 
sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-03 06:29
Modified
2024-11-21 03:58
Severity ?
Summary
An open redirect in the Ninja Forms plugin before 3.3.19.1 for WordPress allows remote attackers to redirect a user to an arbitrary URL via the redirect parameter of lib/StepProcessing/step-processing.php (the submissions download page). No account on the site is needed; the victim only has to follow a crafted link (CVSS PR:N, UI:R). The fix is the changeset to step-processing.php linked under References.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ninjaforms | ninja_forms | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "DE97F6AE-B38E-4939-8923-C7C0FFFC0830", versionEndExcluding: "3.3.19.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An open redirect in the Ninja Forms plugin before 3.3.19.1 for WordPress allows Remote Attackers to redirect a user via the lib/StepProcessing/step-processing.php (aka submissions download page) redirect parameter.", }, { lang: "es", value: "Una redirección abierta en el plugin Ninja Forms en versiones anteriores a la 3.3.19.1 para WordPress permite que los atacantes remotos redirijan a un usuario mediante el parámetro redirect en lib/StepProcessing/step-processing.php (también conocido como submissions download page).", }, ], id: "CVE-2018-19796", lastModified: "2024-11-21T03:58:34.783", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-03T06:29:00.697", references: [ { source: "cve@mitre.org", tags: [ 
"Exploit", "Third Party Advisory", ], url: "https://plugins.trac.wordpress.org/changeset/1982808/ninja-forms/trunk/lib/StepProcessing/step-processing.php", }, { source: "cve@mitre.org", tags: [ "Product", "Third Party Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { source: "cve@mitre.org", url: "https://wpvulndb.com/vulnerabilities/9154", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://plugins.trac.wordpress.org/changeset/1982808/ninja-forms/trunk/lib/StepProcessing/step-processing.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Third Party Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://wpvulndb.com/vulnerabilities/9154", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-601", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2025-01-30 08:15
Modified
2025-02-04 18:51
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 3.8.24 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Per the NVD CPE range the issue is fixed in 3.8.25. Contributors can place shortcodes in posts they author, so no elevated capability is needed; the two CVSS vectors above differ only in whether the victim's page view counts as user interaction.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ninjaforms | ninja_forms | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "B7768D25-97DE-4985-BB69-E1575C95430B", versionEndExcluding: "3.8.25", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 3.8.24 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, { lang: "es", value: "El complemento Ninja Forms – The Contact Form Builder That Grows With You para WordPress es vulnerable a Cross-Site Scripting Almacenado a través del código corto del complemento en todas las versiones hasta la 3.8.24 y incluida, debido a la falta de entrada desinfección y al escape de salida en los atributos proporcionados por el usuario. 
Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitraria en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada.", }, ], id: "CVE-2024-13470", lastModified: "2025-02-04T18:51:38.467", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 2.7, source: "security@wordfence.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2025-01-30T08:15:26.690", references: [ { source: "security@wordfence.com", tags: [ "Product", ], url: "https://plugins.trac.wordpress.org/browser/ninja-forms/tags/3.8.23/includes/Display/Render.php#L708", }, { source: "security@wordfence.com", tags: [ "Product", ], url: "https://plugins.trac.wordpress.org/browser/ninja-forms/tags/3.8.23/includes/Display/Shortcodes.php#L8", }, { source: "security@wordfence.com", tags: [ "Product", ], url: "https://plugins.trac.wordpress.org/browser/ninja-forms/tags/3.8.23/ninja-forms.php#L953", }, { source: "security@wordfence.com", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3229932%40ninja-forms%2Ftrunk&old=3226451%40ninja-forms%2Ftrunk&sfp_email=&sfph_mail=", }, { source: "security@wordfence.com", 
tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/6f2b46a9-d228-43b4-84af-d56218076087?source=cve", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security@wordfence.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-07-27 15:15
Modified
2024-11-21 08:12
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Unauthenticated reflected cross-site scripting (XSS) vulnerability in the Saturday Drive Ninja Forms Contact Form plugin, versions 3.6.25 and earlier (fixed in 3.6.26 per the NVD CPE range). Being reflected, it needs a victim to open a crafted link but no account on the site (CVSS PR:N, UI:R); see the Packetstorm and Patchstack references for details.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ninjaforms | ninja_forms | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "CD598414-0E33-4984-84D8-92A633BAD957", versionEndExcluding: "3.6.26", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions.", }, ], id: "CVE-2023-37979", lastModified: "2024-11-21T08:12:37.883", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.7, source: "audit@patchstack.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-07-27T15:15:11.507", references: [ { source: "audit@patchstack.com", url: "http://packetstormsecurity.com/files/173983/WordPress-Ninja-Forms-3.6.25-Cross-Site-Scripting.html", }, { source: "audit@patchstack.com", tags: [ "Third Party Advisory", ], url: "https://patchstack.com/articles/multiple-high-severity-vulnerabilities-in-ninja-forms-plugin?_s_id=cve", }, { source: "audit@patchstack.com", tags: [ "Third Party Advisory", ], url: 
"https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/173983/WordPress-Ninja-Forms-3.6.25-Cross-Site-Scripting.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://patchstack.com/articles/multiple-high-severity-vulnerabilities-in-ninja-forms-plugin?_s_id=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", }, ], sourceIdentifier: "audit@patchstack.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "audit@patchstack.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-04-11 03:15
Modified
2025-04-08 15:17
Severity ?
Summary
Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in submit processing. If exploited, an arbitrary script may be executed in the web browser of a user visiting a website that uses the product. The recorded CVSS vector (PR:L, UI:R) indicates that a low-privilege account and a victim's page view are both required.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ninjaforms | ninja_forms | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "504BEA08-652A-4175-9CE6-CAB552E601E4", versionEndExcluding: "3.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in submit processing. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing to the website using the product.", }, { lang: "es", value: "Ninja Forms anterior a 3.8.1 contiene una vulnerabilidad de cross-site scripting en el procesamiento de envíos. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web del usuario que accede al sitio web utilizando el producto.", }, ], id: "CVE-2024-26019", lastModified: "2025-04-08T15:17:37.193", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-04-11T03:15:09.767", references: [ { source: "vultures@jpcert.or.jp", tags: [ "Third Party Advisory", ], url: "https://jvn.jp/en/jp/JVN50361500/", }, { source: "vultures@jpcert.or.jp", tags: [ "Product", ], url: "https://ninjaforms.com/", }, { source: "vultures@jpcert.or.jp", tags: [ "Product", ], url: "https://wordpress.org/plugins/ninja-forms/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://jvn.jp/en/jp/JVN50361500/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], 
url: "https://ninjaforms.com/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://wordpress.org/plugins/ninja-forms/", }, ], sourceIdentifier: "vultures@jpcert.or.jp", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-14 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request. The flaw is unauthenticated and needs no user interaction (CVSS 3.0 9.8); the Packetstorm and Rapid7 references describe an unauthenticated file upload exploit built on it, and the vendor's security update post is linked as well.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ninjaforms | ninja_forms | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "86CDECEF-6E59-4DC8-9836-FC022966C2A2", versionEndIncluding: "2.9.42", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request.", }, { lang: "es", value: "El plugin Ninja Forms en versiones anteriores a 2.9.42.1 para WordPress permite a atacantes remotos llevar a cabo ataques de inyección de objetos PHP a través de valores serializados manipulados en una petición POST.", }, ], id: "CVE-2016-1209", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-14T15:59:03.020", references: [ { source: "vultures@jpcert.or.jp", tags: [ "Vendor Advisory", ], url: "http://jvn.jp/en/jp/JVN44657371/index.html", }, { source: "vultures@jpcert.or.jp", 
tags: [ "Vendor Advisory", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000064", }, { source: "vultures@jpcert.or.jp", tags: [ "Exploit", ], url: "http://packetstormsecurity.com/files/137211/WordPress-Ninja-Forms-Unauthenticated-File-Upload.html", }, { source: "vultures@jpcert.or.jp", url: "http://www.pritect.net/blog/ninja-forms-2-9-42-critical-security-vulnerabilities", }, { source: "vultures@jpcert.or.jp", tags: [ "Exploit", ], url: "http://www.rapid7.com/db/modules/exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload", }, { source: "vultures@jpcert.or.jp", url: "https://ninjaforms.com/important-security-update-always-hurt-ones-love/", }, { source: "vultures@jpcert.or.jp", url: "https://wordpress.org/plugins/ninja-forms/changelog/", }, { source: "vultures@jpcert.or.jp", url: "https://wpvulndb.com/vulnerabilities/8485", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://jvn.jp/en/jp/JVN44657371/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000064", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://packetstormsecurity.com/files/137211/WordPress-Ninja-Forms-Unauthenticated-File-Upload.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.pritect.net/blog/ninja-forms-2-9-42-critical-security-vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.rapid7.com/db/modules/exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://ninjaforms.com/important-security-update-always-hurt-ones-love/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://wordpress.org/plugins/ninja-forms/changelog/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://wpvulndb.com/vulnerabilities/8485", }, ], sourceIdentifier: 
"vultures@jpcert.or.jp", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-01-06 15:15
Modified
2024-11-21 05:28
Severity ?
Summary
The Ninja Forms plugin before 3.4.27.1 for WordPress allows CSRF via services integration.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://wordpress.org/plugins/ninja-forms/#developers | Product, Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/ninja-forms/#developers | Product, Release Notes, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ninjaforms | ninja_forms | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "08B56FED-C65F-4591-8758-877751117F94", versionEndExcluding: "3.4.27.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms plugin before 3.4.27.1 for WordPress allows CSRF via services integration.", }, { lang: "es", value: "El plugin Ninja Forms versiones anteriores a 3.4.27.1 para WordPress, permite un ataque de tipo CSRF por medio de la integración de servicios", }, ], id: "CVE-2020-36174", lastModified: "2024-11-21T05:28:53.347", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-01-06T15:15:15.350", references: [ { source: "cve@mitre.org", tags: [ "Product", "Release Notes", "Third Party Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Release Notes", "Third Party Advisory", ], url: 
"https://wordpress.org/plugins/ninja-forms/#developers", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-04-17 09:15
Modified
2025-04-15 19:58
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Improper input validation vulnerability in Saturday Drive Ninja Forms Contact Form. This issue affects Ninja Forms Contact Form from n/a through 3.6.24 (fixed in 3.6.25 per the NVD CPE range). The Patchstack advisory under References files it as arbitrary file deletion; both CVSS vectors require high privileges (PR:H), so an administrator-level account is the precondition.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ninjaforms | ninja_forms | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "503C490B-4EF2-423A-92D8-D797972A8C34", versionEndExcluding: "3.6.25", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper Input Validation vulnerability in Saturday Drive Ninja Forms Contact Form.This issue affects Ninja Forms Contact Form : from n/a through 3.6.24.\n\n", }, { lang: "es", value: "Vulnerabilidad de validación de entrada incorrecta en Saturday Drive Ninja Forms Contact Form. Este problema afecta al formulario de contacto de Ninja Forms: desde n/a hasta 3.6.24.", }, ], id: "CVE-2023-36505", lastModified: "2025-04-15T19:58:20.940", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 4, source: "audit@patchstack.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-04-17T09:15:07.540", references: [ { source: "audit@patchstack.com", tags: [ "Third Party Advisory", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-contact-form-the-drag-and-drop-form-builder-for-wordpress-plugin-3-6-24-arbitrary-file-deletion-vulnerability?_s_id=cve", }, { 
source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-contact-form-the-drag-and-drop-form-builder-for-wordpress-plugin-3-6-24-arbitrary-file-deletion-vulnerability?_s_id=cve", }, ], sourceIdentifier: "audit@patchstack.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "audit@patchstack.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-06-19 15:15
Modified
2024-11-21 08:13
Severity ?
7.6 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Missing authorization vulnerability in Saturday Drive Ninja Forms. This issue affects Ninja Forms from n/a through 3.6.25. The Patchstack advisory under References files it as subscriber-level broken access control (CVSS PR:L). Note that the NVD CPE match in this record (versionEndIncluding 3.6.26) is one version wider than the description; when checking installed versions, the conservative reading is the CPE range.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ninjaforms | ninja_forms | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "D4F0D95F-8D31-47E0-BFEF-5890FA8EF9B8", versionEndIncluding: "3.6.26", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25.", }, { lang: "es", value: "Vulnerabilidad de autorización faltante en Saturday Drive Ninja Forms. Este problema afecta a Ninja Forms: desde n/a hasta 3.6.25.", }, ], id: "CVE-2023-38393", lastModified: "2024-11-21T08:13:28.360", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4.7, source: "audit@patchstack.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-06-19T15:15:57.420", references: [ { source: "audit@patchstack.com", tags: [ "Third Party Advisory", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-subscriber-broken-access-control-vulnerability?_s_id=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: 
"https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-subscriber-broken-access-control-vulnerability?_s_id=cve", }, ], sourceIdentifier: "audit@patchstack.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-862", }, ], source: "audit@patchstack.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-04-11 03:15
Modified
2025-04-08 15:17
Severity ?
Summary
A cross-site request forgery (CSRF) vulnerability exists in Ninja Forms prior to 3.4.31. If a website administrator views a malicious page while logged in, unintended operations may be performed with the administrator's privileges.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ninjaforms | ninja_forms | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "5DBBE260-03F1-456D-9613-3C482DFAECA2", versionEndExcluding: "3.4.31", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cross-site request forgery (CSRF) vulnerability exists in Ninja Forms prior to 3.4.31. If a website administrator views a malicious page while logging in, unintended operations may be performed.", }, { lang: "es", value: "Vulnerabilidad de Cross-site request forgery (CSRF) existe en Ninja Forms antes de la versión 3.4.31. Si un administrador de un sitio web ve una página maliciosa mientras inicia sesión, se pueden realizar operaciones no deseadas.", }, ], id: "CVE-2024-25572", lastModified: "2025-04-08T15:17:15.773", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-04-11T03:15:09.693", references: [ { source: "vultures@jpcert.or.jp", tags: [ "Third Party Advisory", ], url: "https://jvn.jp/en/jp/JVN50361500/", }, { source: "vultures@jpcert.or.jp", tags: [ "Product", ], url: "https://ninjaforms.com/", }, { source: "vultures@jpcert.or.jp", tags: [ "Product", ], url: "https://wordpress.org/plugins/ninja-forms/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://jvn.jp/en/jp/JVN50361500/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://ninjaforms.com/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", 
tags: [ "Product", ], url: "https://wordpress.org/plugins/ninja-forms/", }, ], sourceIdentifier: "vultures@jpcert.or.jp", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-07-09 13:15
Modified
2024-11-21 09:24
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Improper Control of Generation of Code ('Code Injection') vulnerability in Saturday Drive Ninja Forms. This issue affects Ninja Forms from n/a through 3.8.4 (fixed in 3.8.5 per the NVD CPE range). The Patchstack advisory under References files it as subscriber-level arbitrary shortcode execution, that is, a low-privilege user can have the plugin evaluate shortcodes of their choosing. The two CVSS scores disagree on the precondition (Patchstack PR:L, 5.4; NVD PR:N, 9.8).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ninjaforms | ninja_forms | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "13EACE57-33C6-4573-A4A0-37CB9E8D0976", versionEndExcluding: "3.8.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper Control of Generation of Code ('Code Injection') vulnerability in Saturday Drive Ninja Forms allows Code Injection.This issue affects Ninja Forms: from n/a through 3.8.4.", }, { lang: "es", value: "La vulnerabilidad de control inadecuado de la generación de código (\"inyección de código\") en Saturday Drive Ninja Forms permite la inyección de código. Este problema afecta a Ninja Forms: desde n/a hasta 3.8.4.", }, ], id: "CVE-2024-37934", lastModified: "2024-11-21T09:24:32.513", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "audit@patchstack.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-07-09T13:15:10.660", references: [ { source: "audit@patchstack.com", tags: [ "Third Party Advisory", ], url: 
"https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-8-4-subscriber-arbitrary-shortcode-execution-vulnerability?_s_id=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-8-4-subscriber-arbitrary-shortcode-execution-vulnerability?_s_id=cve", }, ], sourceIdentifier: "audit@patchstack.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "audit@patchstack.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-05 19:15
Modified
2024-11-21 05:52
Severity
Summary
The AJAX action, wp_ajax_ninja_forms_sendwp_remote_install_handler, did not have a capability check on it, nor did it have any nonce protection, therefore making it possible for low-level users, such as subscribers, to install and activate the SendWP plugin and retrieve the client_secret key needed to establish the SendWP connection. This affects the Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin before 3.4.34.
References
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "3F043B37-549B-4242-925D-04A22CEA8042", versionEndExcluding: "3.4.34", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The AJAX action, wp_ajax_ninja_forms_sendwp_remote_install_handler, did not have a capability check on it, nor did it have any nonce protection, therefore making it possible for low-level users, such as subscribers, to install and activate the SendWP Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 and retrieve the client_secret key needed to establish the SendWP connection while also installing the SendWP plugin.", }, { lang: "es", value: "La acción AJAX, wp_ajax_ninja_forms_sendwp_remote_install_handler, no tenía una comprobación de capacidad, ni tenía ninguna protección nonce, por lo que era posible para usuarios de bajo nivel, como los suscriptores, instalar y activar el SendWP Ninja Forms Contact Form †- El Drag and Drop Form Builder para WordPress“, para el plugin de WordPress versiones anteriores a 3.4.34 y recuperar la clave client_secret necesaria para establecer la conexión SendWP al mismo tiempo que se instala el plugin SendWP", }, ], id: "CVE-2021-24163", lastModified: "2024-11-21T05:52:30.020", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", 
attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-05T19:15:15.310", references: [ { source: "contact@wpscan.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/55fde9fa-f6cd-4546-bee8-4acc628251c2", }, { source: "contact@wpscan.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/55fde9fa-f6cd-4546-bee8-4acc628251c2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "contact@wpscan.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-12-12 06:15
Modified
2025-04-11 14:59
Severity
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the calculations parameter in all versions up to, and including, 3.8.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "555E595E-13F1-4980-988C-33DFC0217A7E", versionEndExcluding: "3.8.20", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the calculations parameter in all versions up to, and including, 3.8.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, { lang: "es", value: "El complemento Ninja Forms – The Contact Form Builder That Grows With You para WordPress es vulnerable a Cross-Site Scripting almacenado a través del parámetro calculations en todas las versiones hasta la 3.8.19 incluida , debido a una desinfección de entrada y un escape de salida insuficientes. 
Esto permite que atacantes no autenticados inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada.", }, ], id: "CVE-2024-11052", lastModified: "2025-04-11T14:59:52.230", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.7, source: "security@wordfence.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-12-12T06:15:20.953", references: [ { source: "security@wordfence.com", tags: [ "Product", ], url: "https://plugins.trac.wordpress.org/browser/ninja-forms/tags/3.8.18/includes/Admin/Metaboxes/Calculations.php#L26", }, { source: "security@wordfence.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/c3adf367-0126-4d95-b337-cc3581975113?source=cve", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security@wordfence.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-02-21 16:29
Modified
2024-11-21 04:11
Severity
Summary
The Ninja Forms plugin before 3.2.14 for WordPress has XSS.
References
Source | URL | Tags
---|---|---
cve@mitre.org | https://wordpress.org/plugins/ninja-forms/#developers | Product, Release Notes
af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/ninja-forms/#developers | Product, Release Notes
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "96FBD5C8-457A-4DB2-BB55-FF1D61DA6C4C", versionEndExcluding: "3.2.14", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms plugin before 3.2.14 for WordPress has XSS.", }, { lang: "es", value: "El plugin Ninja Forms en versiones anteriores a la 3.2.14 para WordPress tiene Cross-Site Scripting (XSS).", }, ], id: "CVE-2018-7280", lastModified: "2024-11-21T04:11:55.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-02-21T16:29:01.050", references: [ { source: "cve@mitre.org", tags: [ "Product", "Release Notes", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Release Notes", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { 
description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-07-04 13:15
Modified
2024-11-21 05:54
Severity
Summary
The Ninja Forms Contact Form WordPress plugin before 3.6.10 does not sanitise and escape field labels, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
References
Source | URL | Tags
---|---|---
contact@wpscan.com | https://wpscan.com/vulnerability/795acab2-f621-4662-834b-ebb6205ef7de | Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/795acab2-f621-4662-834b-ebb6205ef7de | Exploit, Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "FA58AF63-19E1-4D31-8462-5A68C644A9B1", versionEndExcluding: "3.6.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form WordPress plugin before 3.6.10 does not sanitise and escape field labels, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.", }, { lang: "es", value: "El plugin Ninja Forms Contact Form de WordPress versiones anteriores a 3.6.10, no sanea ni escapa de las etiquetas de los campos, lo que permite a usuarios con altos privilegios llevar a cabo ataques de tipo Cross-Site Scripting incluso cuando la capacidad unfiltered_html no está permitida", }, ], id: "CVE-2021-25056", lastModified: "2024-11-21T05:54:16.047", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-07-04T13:15:08.430", references: [ { source: 
"contact@wpscan.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/795acab2-f621-4662-834b-ebb6205ef7de", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/795acab2-f621-4662-834b-ebb6205ef7de", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "contact@wpscan.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-11-06 21:15
Modified
2024-11-21 08:41
Severity
Summary
The Ninja Forms Contact Form WordPress plugin before 3.6.34 does not sanitize and escape its label fields, which could allow high privilege users such as admin to perform Stored XSS attacks. Only users with the unfiltered_html capability can perform this, and such users are already allowed to use JS in posts/comments etc.; however, the vendor acknowledged and fixed the issue.
References
Source | URL | Tags
---|---|---
contact@wpscan.com | https://ninjaforms.com/blog/saturday-drive-x-edition/ | Release Notes, Vendor Advisory
contact@wpscan.com | https://wpscan.com/vulnerability/a642f313-cc3e-4d75-b207-1dceb6a7fbae | Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://ninjaforms.com/blog/saturday-drive-x-edition/ | Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/a642f313-cc3e-4d75-b207-1dceb6a7fbae | Exploit, Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "8AE6BEE5-6ED8-4133-A08C-041F9B35FA9C", versionEndExcluding: "3.6.34", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form WordPress plugin before 3.6.34 does not sanitize and escape its label fields, which could allow high privilege users such as admin to perform Stored XSS attacks. Only users with the unfiltered_html capability can perform this, and such users are already allowed to use JS in posts/comments etc however the vendor acknowledged and fixed the issue", }, { lang: "es", value: "El complemento Ninja Forms Contact Form para WordPress anterior a 3.6.34 no sanitiza ni escapa de sus campos de etiqueta, lo que podría permitir a usuarios con altos privilegios, como el administrador, realizar ataques XSS almacenados. Solo los usuarios con la capacidad unfiltered_html pueden realizar esto, y dichos usuarios ya pueden usar JS en publicaciones/comentarios, etc. 
Sin embargo, el proveedor reconoció y solucionó el problema.", }, ], id: "CVE-2023-5530", lastModified: "2024-11-21T08:41:56.960", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-11-06T21:15:10.003", references: [ { source: "contact@wpscan.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://ninjaforms.com/blog/saturday-drive-x-edition/", }, { source: "contact@wpscan.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/a642f313-cc3e-4d75-b207-1dceb6a7fbae", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://ninjaforms.com/blog/saturday-drive-x-edition/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/a642f313-cc3e-4d75-b207-1dceb6a7fbae", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-05 19:15
Modified
2024-11-21 05:52
Severity
Summary
In the Ninja Forms Contact Form WordPress plugin before 3.4.34, the wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place.
References
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "3F043B37-549B-4242-925D-04A22CEA8042", versionEndExcluding: "3.4.34", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In the Ninja Forms Contact Form WordPress plugin before 3.4.34, the wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place.", }, { lang: "es", value: "En el plugin de WordPress Ninja Forms Contact Form versiones anteriores a 3.4.34, la acción AJAX wp_ajax_nf_oauth_connect era vulnerable a un redireccionamiento abierto debido al uso de un parámetro de redireccionamiento proporcionado por el usuario y sin protección en su lugar", }, ], id: "CVE-2021-24165", lastModified: "2024-11-21T05:52:30.280", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-05T19:15:15.437", references: [ { source: "contact@wpscan.com", tags: [ 
"Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/6147acf5-e43f-47e6-ab56-c9c8be584818", }, { source: "contact@wpscan.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/6147acf5-e43f-47e6-ab56-c9c8be584818", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-601", }, ], source: "contact@wpscan.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-601", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-11-19 17:15
Modified
2025-01-23 17:09
Severity
5.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS. This issue affects Ninja Forms: from n/a through 3.8.16.
References
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "8B17C44E-D0B7-42AF-8143-ED02EF411CAC", versionEndIncluding: "3.8.16", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a through 3.8.16.", }, { lang: "es", value: "La vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting') en Saturday Drive Ninja Forms permite XSS almacenado. Este problema afecta a Ninja Forms: desde n/a hasta 3.8.16.", }, ], id: "CVE-2024-50515", lastModified: "2025-01-23T17:09:36.233", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 3.7, source: "audit@patchstack.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-11-19T17:15:10.777", references: [ { source: "audit@patchstack.com", tags: [ "Third Party Advisory", ], url: 
"https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-the-contact-form-builder-that-grows-with-you-plugin-3-8-16-cross-site-scripting-xss-vulnerability-2?_s_id=cve", }, ], sourceIdentifier: "audit@patchstack.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "audit@patchstack.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-18 00:15
Modified
2024-09-25 15:15
Severity
5.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS. This issue affects Ninja Forms: from n/a through 3.8.11.
References
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "A137290A-B5F9-4CCD-A806-1CDE277FE785", versionEndExcluding: "3.8.12", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a through 3.8.11.", }, { lang: "es", value: "La vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web (XSS o 'Cross-site Scripting') en Saturday Drive Ninja Forms permite XSS almacenado. Este problema afecta a Ninja Forms: desde n/a hasta 3.8.11.", }, ], id: "CVE-2024-43999", lastModified: "2024-09-25T15:15:43.683", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 3.7, source: "audit@patchstack.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-09-18T00:15:09.110", references: [ { source: "audit@patchstack.com", tags: [ "Third Party Advisory", ], url: 
"https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-8-11-cross-site-scripting-xss-vulnerability?_s_id=cve", }, ], sourceIdentifier: "audit@patchstack.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "audit@patchstack.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-03-29 07:15
Modified
2025-01-23 19:18
Severity
4.6 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an image title embedded into a form in all versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "504BEA08-652A-4175-9CE6-CAB552E601E4", versionEndExcluding: "3.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an image title embedded into a form in all versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, { lang: "es", value: "El complemento Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress de WordPress es vulnerable a cross-site scripting almacenado a través de un título de imagen incrustado en un formulario en todas las versiones hasta la 3.8.0 incluida debido a una sanitización de entrada insuficiente y el escape de salida. 
Esto hace posible que atacantes autenticados, con acceso a nivel de autor y superior, inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada.", }, ], id: "CVE-2024-2108", lastModified: "2025-01-23T19:18:21.527", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 2.5, source: "security@wordfence.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-03-29T07:15:43.613", references: [ { source: "security@wordfence.com", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset/3059780/ninja-forms/tags/3.8.1/includes/Fields/ListImage.php", }, { source: "security@wordfence.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/6a6eb430-cf86-4e13-a4f7-173fada9fddf?source=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset/3059780/ninja-forms/tags/3.8.1/includes/Fields/ListImage.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/6a6eb430-cf86-4e13-a4f7-173fada9fddf?source=cve", }, ], 
sourceIdentifier: "security@wordfence.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-11-29 09:15
Modified
2024-11-21 05:53
Severity
Summary
The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields POST parameter, which could allow high privilege users to perform SQL injection attacks.
References
▼ | URL | Tags | |
---|---|---|---|
contact@wpscan.com | https://wpscan.com/vulnerability/55008a42-eb56-436c-bce0-10ee616d0495 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/55008a42-eb56-436c-bce0-10ee616d0495 | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "C169D382-515C-4AF7-8A42-3C357337BB80", versionEndExcluding: "3.6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields POST parameter, which could allow high privilege users to perform SQL injections attacks", }, { lang: "es", value: "El plugin Ninja Forms Contact Form de WordPress versiones anteriores a 3.6.4, no escapa las claves del parámetro POST de los campos, que podría permitir a usuarios con altos privilegios llevar a cabo ataques de inyecciones SQL", }, ], id: "CVE-2021-24889", lastModified: "2024-11-21T05:53:57.330", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-29T09:15:07.800", references: [ { source: "contact@wpscan.com", tags: [ "Exploit", "Third Party Advisory", ], url: 
"https://wpscan.com/vulnerability/55008a42-eb56-436c-bce0-10ee616d0495", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/55008a42-eb56-436c-bce0-10ee616d0495", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-89", }, ], source: "contact@wpscan.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-04-11 03:15
Modified
2025-04-08 15:19
Severity
Summary
Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in custom fields for labels. If this vulnerability is exploited, an arbitrary script may be executed in the web browser of a user who accesses the website using the product.
References
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "504BEA08-652A-4175-9CE6-CAB552E601E4", versionEndExcluding: "3.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in custom fields for labels. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing to the website using the product.", }, { lang: "es", value: "Ninja Forms anterior a 3.8.1 contiene una vulnerabilidad de cross-site scripting en campos personalizados para etiquetas. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web del usuario que accede al sitio web utilizando el producto.", }, ], id: "CVE-2024-29220", lastModified: "2025-04-08T15:19:15.483", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-04-11T03:15:09.823", references: [ { source: "vultures@jpcert.or.jp", tags: [ "Third Party Advisory", ], url: "https://jvn.jp/en/jp/JVN50361500/", }, { source: "vultures@jpcert.or.jp", tags: [ "Product", ], url: "https://ninjaforms.com/", }, { source: "vultures@jpcert.or.jp", tags: [ "Product", ], url: "https://wordpress.org/plugins/ninja-forms/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://jvn.jp/en/jp/JVN50361500/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ 
"Product", ], url: "https://ninjaforms.com/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://wordpress.org/plugins/ninja-forms/", }, ], sourceIdentifier: "vultures@jpcert.or.jp", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-01-06 15:15
Modified
2024-11-21 05:28
Severity
Summary
The Ninja Forms plugin before 3.4.27.1 for WordPress allows attackers to bypass validation via the email field.
References
Source | URL | Tags
---|---|---
cve@mitre.org | https://wordpress.org/plugins/ninja-forms/#developers | Product, Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/ninja-forms/#developers | Product, Release Notes, Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "08B56FED-C65F-4591-8758-877751117F94", versionEndExcluding: "3.4.27.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms plugin before 3.4.27.1 for WordPress allows attackers to bypass validation via the email field.", }, { lang: "es", value: "El plugin Ninja Forms versiones anteriores a 3.4.27.1 para WordPress, permite a atacantes omitir la comprobación por medio del campo email", }, ], id: "CVE-2020-36175", lastModified: "2024-11-21T05:28:53.510", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-01-06T15:15:15.413", references: [ { source: "cve@mitre.org", tags: [ "Product", "Release Notes", "Third Party Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Release Notes", "Third Party Advisory", ], url: 
"https://wordpress.org/plugins/ninja-forms/#developers", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-09-01 18:29
Modified
2024-11-21 03:52
Severity
Summary
The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection.
References
Source | URL | Tags
---|---|---
cve@mitre.org | https://packetstormsecurity.com/files/148993/WordPress-Ninja-Forms-3.3.13-CSV-Injection.html | Exploit, Third Party Advisory, VDB Entry
cve@mitre.org | https://wordpress.org/plugins/ninja-forms/#developers | Third Party Advisory
cve@mitre.org | https://www.exploit-db.com/exploits/45234/ | Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 | https://packetstormsecurity.com/files/148993/WordPress-Ninja-Forms-3.3.13-CSV-Injection.html | Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/ninja-forms/#developers | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/45234/ | Exploit, Third Party Advisory, VDB Entry
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "758C2D96-EF1E-4369-8CD2-F34E64E5FF6F", versionEndExcluding: "3.3.14.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection.", }, { lang: "es", value: "El plugin Ninja Forms en versiones anteriores a la 3.3.14.1 para WordPress permite la inyección CSV.", }, ], id: "CVE-2018-16308", lastModified: "2024-11-21T03:52:30.020", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-09-01T18:29:00.257", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://packetstormsecurity.com/files/148993/WordPress-Ninja-Forms-3.3.13-CSV-Injection.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { source: "cve@mitre.org", tags: [ 
"Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/45234/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://packetstormsecurity.com/files/148993/WordPress-Ninja-Forms-3.3.13-CSV-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://wordpress.org/plugins/ninja-forms/#developers", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/45234/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-1236", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-06-16 18:15
Modified
2024-11-21 06:14
Severity
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label".
References
Impacted products
Vendor | Product | Version
---|---|---
ninjaforms | ninja_forms | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "F4286095-A9D2-4F2F-A96D-FA51E37D4CB5", versionEndIncluding: "3.6.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via \"label\".", }, { lang: "es", value: "Una vulnerabilidad de tipo Cross-Site Scripting (XSS) almacenado y autenticado (rol de administrador o usuario superior) en el plugin Ninja Forms Contact Form versiones anteriores a 3.6.9 incluyéndola, de Saturday Drive en WordPress por medio de \"label\"", }, ], id: "CVE-2021-36827", lastModified: "2024-11-21T06:14:09.637", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "audit@patchstack.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: 
"LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-06-16T18:15:09.540", references: [ { source: "audit@patchstack.com", url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-contact-form-plugin-3-6-9-authenticated-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-contact-form-plugin-3-6-9-authenticated-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", }, ], sourceIdentifier: "audit@patchstack.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "audit@patchstack.com", type: "Primary", }, ], }