Lucene search
+L

4 matches found

CVE
CVE
added 2024/06/19 2:15 p.m.96 views

CVE-2023-38393

CVE-2023-38393 is a vulnerability in WordPress Ninja Forms plugin versions ≤ 3.6.25, described as Missing Authorization / Broken Access Control. The issue permits a user with Subscriber/Contributor roles to perform an unauthorized action (export of all Ninja Forms submissions) due to a broken acc...

8.8CVSS7.8AI score0.00427EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2023/07/31 6:42 a.m.149 views

Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable

Multiple security vulnerabilities have been disclosed in the Ninja Forms plugin for WordPress that could be exploited by threat actors to escalate privileges and steal sensitive data. The flaws, tracked as CVE-2023-37979, CVE-2023-38386, and CVE-2023-38393, impact versions 3.6.25 and below,...

6.3AI score0.0601EPSS
Exploits6
OpenVAS
OpenVAS
added 2023/07/28 12:0 a.m.40 views

WordPress Ninja Forms Contact Form Plugin < 3.6.26 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ninjaforms:contactform"; ifdescription...

9.8CVSS6.7AI score0.0601EPSS
Exploits6References1
Patchstack
Patchstack
added 2023/07/25 12:0 a.m.20 views

WordPress Ninja Forms Plugin <= 3.6.25 is vulnerable to Broken Access Control

Software Ninja Forms Type Plugin Vulnerable versions = 3.6.25 Fixed in 3.6.26 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-38393 Patch priority High CVSS severity High 7.6 Developer Claim ownership PSID 44e08fdf7aed Credits Rafie Muhammad Patchstack...

8.8CVSS6.5AI score0.00427EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder