Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:24 a.m.14 views

CVE-2023-38386

Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25...

9.8CVSS6.9AI score0.00431EPSS
Exploits0References1
CVE
CVE
added 2024/06/19 1:6 p.m.104 views

CVE-2023-38386

CVE-2023-38386 affects the WordPress Ninja Forms plugin, specifically versions up to 3.6.25, due to a Missing Authorization/Broken Access Control issue in the form submissions export feature. Root cause involves insufficient access restrictions allowing certain users to export submissions. The CV...

9.8CVSS7.5AI score0.00431EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/19 1:6 p.m.26 views

CVE-2023-38386 WordPress Ninja Forms plugin <= 3.6.25 - Contributor+ Broken Access Control vulnerability

Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25...

7.6CVSS6.9AI score0.00431EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2023/07/31 6:42 a.m.147 views

Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable

Multiple security vulnerabilities have been disclosed in the Ninja Forms plugin for WordPress that could be exploited by threat actors to escalate privileges and steal sensitive data. The flaws, tracked as CVE-2023-37979, CVE-2023-38386, and CVE-2023-38393, impact versions 3.6.25 and below,...

6.3AI score0.0601EPSS
Exploits6
OpenVAS
OpenVAS
added 2023/07/28 12:0 a.m.40 views

WordPress Ninja Forms Contact Form Plugin < 3.6.26 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ninjaforms:contactform"; ifdescription...

9.8CVSS6.7AI score0.0601EPSS
Exploits6References1
Patchstack
Patchstack
added 2023/07/25 12:0 a.m.15 views

WordPress Ninja Forms Plugin <= 3.6.25 is vulnerable to Broken Access Control

Software Ninja Forms Type Plugin Vulnerable versions = 3.6.25 Fixed in 3.6.26 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-38386 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 6638721a79c1 Credits Rafie Muhammad Patchstack...

9.8CVSS6.6AI score0.00431EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder