3 matches found
CVE-2024-37934
Improper Control of Generation of Code 'Code Injection' vulnerability in Saturday Drive Ninja Forms allows Code Injection.This issue affects Ninja Forms: from n/a through 3.8.4...
CVE-2024-37934
The CVE-2024-37934 entry concerns the Ninja Forms WordPress plugin. Public sources describe an improper generation of code (code injection) vulnerability that enables Arbitrary Shortcode Execution in Ninja Forms versions up to 3.8.4. Connected Red Hat/Wordfence references corroborate a vulnerabil...
WordPress Ninja Forms Plugin <= 3.8.4 is vulnerable to Broken Access Control
Software Ninja Forms Type Plugin Vulnerable versions = 3.8.4 Fixed in 3.8.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37934 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 5bd0529a71e3 Credits Rafie Muhammad Patchstack Require...