4 matches found
WordPress Ninja Forms Plugin Cross-Site Scripting (CVE-2015-2220)
Multiple cross-site scripting vulnerabilities exist in WordPress Ninja Forms Plugin. Successful exploitation of these vulnerabilities would allow remote attackers to inject an arbitrary web script into the affected system...
CVE-2015-2220
Multiple cross-site scripting XSS vulnerabilities in the Ninja Forms plugin before 2.8.9 for WordPress allow 1 remote attackers to inject arbitrary web script or HTML via the ninjaformsfield1 parameter in a ninjaformsajaxsubmit action to wp-admin/admin-ajax.php or 2 remote administrators to injec...
CVE-2015-2220
The CVE-2015-2220 entry concerns the WordPress Ninja Forms plugin with XSS vulnerabilities in versions before 2.8.9. Two vectors are reported: (1) via ninja_forms_field_1 in a ninja_forms_ajax_submit action to wp-admin/admin-ajax.php, and (2) via fields[1] in wp-admin/post.php. These permit remot...
CVE-2015-2220
Multiple cross-site scripting XSS vulnerabilities in the Ninja Forms plugin before 2.8.9 for WordPress allow 1 remote attackers to inject arbitrary web script or HTML via the ninjaformsfield1 parameter in a ninjaformsajaxsubmit action to wp-admin/admin-ajax.php or 2 remote administrators to injec...