911 matches found
CVE-2015-2220
The CVE-2015-2220 entry concerns the WordPress Ninja Forms plugin with XSS vulnerabilities in versions before 2.8.9. Two vectors are reported: (1) via ninja_forms_field_1 in a ninja_forms_ajax_submit action to wp-admin/admin-ajax.php, and (2) via fields[1] in wp-admin/post.php. These permit remot...
CVE-2015-2220
Multiple cross-site scripting XSS vulnerabilities in the Ninja Forms plugin before 2.8.9 for WordPress allow 1 remote attackers to inject arbitrary web script or HTML via the ninjaformsfield1 parameter in a ninjaformsajaxsubmit action to wp-admin/admin-ajax.php or 2 remote administrators to injec...
WordPress Ninja Forms Plugin <= 2.8.9 - Unspecified Vulnerability
Because of this vulnerability in Ninja Forms plugin, remote attack vectors are related to admin users. Solution Update the plugin...
WordPress Ninja Forms Plugin <= 2.8.8 - Multiple XSS
Because of these vulnerabilities, the attackers can inject arbitrary web script or HTML via the "ninjaformsfield1" parameter in a ninjaformsajaxsubmit action to wp-admin/admin-ajax.php. Also, multiple cross site scripting vulnerabilities allow the administrators to inject arbitrary web script or...
WordPress Ninja Forms 2.8.8 Cross Site Scripting
============================================================ - Title: Ninja Forms WordPress Plugin Multiple Cross-Site Scripting Vulnerability - Vulnerable Version: 2.8.8 and probably prior -Tested Version:2.8.8 - Vendor Notification: 20 November 2014 - Vendor Patch: 20 November 2014 -Vulnerabili...
Ninja Forms <= 2.8.8 - Stored & Reflected XSS
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin was affected by a Stored & Reflected XSS security vulnerability...
Ninja Forms <= 2.8.9 - Unspecified Issue Affecting Admin Users
This version includes a fix for a potential security vulnerability for admin users...
Ninja Forms 2.8.6 - Reflected Cross-Site Scripting (XSS)
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin was affected by a Reflected Cross-Site Scripting XSS security vulnerability...
WordPress Ninja Forms Plugin - Authorization Bypass
Ninja Forms plugin is prone to an authorization BYPASS vulnerability that allows an attacker to bypass security restrictions and perform unauthorized actions. Solution Update the plugin...
WordPress Plugin Ninja Forms 2.7.7 - Authentication Bypass
WordPress Plugin Ninja Forms 2.7.7 - Authentication Bypass source: https://www.securityfocus.com/bid/69740/info The Ninja Forms Plugin for WordPress is prone to an authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthoriz...
WordPress Plugin Ninja Forms 2.7.7 - Authentication Bypass
source: https://www.securityfocus.com/bid/69740/info The Ninja Forms Plugin for WordPress is prone to an authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Ninj...