Description

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress is prone to an unspecified vulnerability. No available information exists regarding this issue and it's impact on a vulnerable website. WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress version 2.9.24 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 2.9.25 or latest

References

https://wordpress.org/plugins/ninja-forms/changelog/

Related Vulnerabilities

WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud SQL Injection (4.10.8)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39117)

Magento CVE-2019-8136 Vulnerability (CVE-2019-8136)

WordPress Plugin Form Vibes-Database Manager for Forms SQL Injection (1.4.10)

WordPress Plugin Really Simple Share Cross-Site Request Forgery (2.9.9)

Severity

High

Tags

Missing Update