Vulnerability CVE-2023-37979

Vulnerability CVE-2023-37979

Published: 2023-07-27

Description:

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions.

See advisories in our WLB2 database:

	Topic	Author	Date
Low	WordPress Ninja Forms 3.6.25 Cross Site Scripting	Mehran Seifalini...	08.08.2023

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

References:

https://patchstack.com/articles/multiple-high-severity-vulnerabilities-in-ninja-forms-plugin?_s_id=cve

https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Vulnerability CVE-2023-37979

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions.

See advisories in our WLB2 database:

Low

WordPress Ninja Forms 3.6.25 Cross Site Scripting

CWE-79

References: