Description
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress is prone to an open redirect vulnerability because the application fails to properly verify user-supplied input. Exploiting this issue may allow attackers to redirect users to arbitrary web sites and conduct phishing attacks; other attacks are also possible. WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress version 3.3.19 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.3.19.1 or latest
References
Related Vulnerabilities
WordPress Plugin Good LMS-Learning Management System SQL Injection (2.1.4)
WordPress Plugin iQ Block Country Unspecified Vulnerability (1.1.33)
WordPress Plugin Disclosure Policy 'abspath' Parameter Remote File Include (1.0)
WordPress Plugin wpCentral Privilege Escalation (1.5.0)
WordPress Plugin No Page Comment Multiple Vulnerabilities (1.1)