Lucene search
PRIOn knowledge basePRION:CVE-2023-1835HistoryMay 15, 2023 - 1:15 p.m.
Cross site scripting
2023-05-1513:15:00
PRIOn knowledge base
www.prio-n.com
4
wordpress
plugin
ninja forms
contact form
cross-site scripting
reflected
admin page
user input
security
0.001 Low
EPSS
Percentile
49.1%
The Ninja Forms Contact Form WordPress plugin before 3.6.22 does not properly escape user input before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
| CPE | Name | Operator | Version |
|---|---|---|---|
| ninja_forms | lt | 3.6.22 |
Related
nuclei
nuclei
Ninja Forms < 3.6.22 - Cross-Site Scripting
2023-07-07 09:38:49
cve
cve
CVE-2023-1835
2023-05-15 13:15:10
wpexploit
wpexploit
Ninja Forms < 3.6.22 - Reflected XSS
2023-04-24 00:00:00
wpvulndb
wpvulndb
Ninja Forms < 3.6.22 - Reflected XSS
2023-04-24 00:00:00
nvd
nvd
CVE-2023-1835
2023-05-15 13:15:10
openvas
openvas
WordPress Ninja Forms Contact Form Plugin < 3.6.22 XSS Vulnerability
2023-05-16 00:00:00
cvelist
cvelist
CVE-2023-1835 Ninja Forms < 3.6.22 - Reflected XSS
2023-05-15 12:15:46
wordfence
wordfence