9 matches found
WordPress Ninja Forms 3.6.25 Cross Site Scripting
Exploit Title: WordPress Plugin Ninja Forms 3.6.25 - Reflected XSS Authenticated Google Dork: inurl:/wp-content/plugins/ninja-forms/readme.txt Date: 2023-07-27 Exploit Author: Mehran Seifalinia Vendor Homepage: https://ninjaforms.com/ Software Link:...
WordPress Plugin Ninja Forms 3.6.25 - Reflected XSS
Exploit Title: WordPress Plugin Ninja Forms 3.6.25 - Reflected XSS Authenticated Google Dork: inurl:/wp-content/plugins/ninja-forms/readme.txt Date: 2023-07-27 Exploit Author: Mehran Seifalinia Vendor Homepage: https://ninjaforms.com/ Software Link:...
Exploit for Cross-site Scripting in Ninjaforms Ninja_Forms
CVE-2023-37979 Exploit !Python Versionhttps://img.shields...
Exploit for Cross-site Scripting in Ninjaforms Ninja_Forms
CVE-2023-37979 Exploit !Python Versionhttps://img.shields...
Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable
Multiple security vulnerabilities have been disclosed in the Ninja Forms plugin for WordPress that could be exploited by threat actors to escalate privileges and steal sensitive data. The flaws, tracked as CVE-2023-37979, CVE-2023-38386, and CVE-2023-38393, impact versions 3.6.25 and below,...
WordPress Ninja Forms Contact Form Plugin < 3.6.26 Multiple Vulnerabilities
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ninjaforms:contactform"; ifdescription...
CVE-2023-37979 WordPress Ninja Forms Plugin <= 3.6.25 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Saturday Drive Ninja Forms Contact Form plugin = 3.6.25 versions...
CVE-2023-37979
The CVE-2023-37979 entry maps to the Ninja Forms WordPress plugin with reflected XSS in versions
WordPress Ninja Forms Plugin <= 3.6.25 is vulnerable to Cross Site Scripting (XSS)
Software Ninja Forms Type Plugin Vulnerable versions = 3.6.25 Fixed in 3.6.26 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-37979 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 584a630933ad Credits Rafie Muhammad...