CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0889 – Ninja Forms - File Uploads Extension <= 3.3.12 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-0889
The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to reflected cross-site scripting due to missing sanitization of the files filename parameter found in the ~/includes/ajax/controllers/uploads.php file which can be used by unauthenticated attackers to add malicious web scripts to vulnerable WordPress sites, in versions up to and including 3.3.12. El plugin Ninja Forms - File Uploads Extension de WordPress es vulnerable a un ataque de tipo cross-site scripting reflejado debido a una falta de saneo del parámetro files filename que se encuentra en el archivo ~/includes/ajax/controllers/uploads.php que puede ser usado por atacantes no autenticados para añadir scripts web maliciosos a sitios de WordPress vulnerables, en versiones hasta la 3.3.12 incluyéndola • https://ninjaforms.com/extensions/file-uploads/?changelog=1/#:~:text=3.3.13%20(30%20November%202021) https://www.wordfence.com/threat-intel/vulnerabilities/id/8c5642fa-d001-47c4-8acd-94ae944e5129?source=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2022-0888 – Ninja Forms - File Uploads Extension <= 3.3.0 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2022-0888
The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/includes/ajax/controllers/uploads.php file which can be bypassed making it possible for unauthenticated attackers to upload malicious files that can be used to obtain remote code execution, in versions up to and including 3.3.0 El plugin Ninja Forms - File Uploads Extension de WordPress es vulnerable a una carga de archivos arbitrarios debido a la insuficiente comprobación del tipo de archivo de entrada encontrada en el archivo ~/includes/ajax/controllers/uploads.php que puede ser evitado haciendo posible que atacantes no autenticados carguen archivos maliciosos que pueden ser usados para obtener una ejecución de código remota, en versiones hasta la 3.3.0 incluyéndola • https://gist.github.com/Xib3rR4dAr/5f0accbbfdee279c68ed144da9cd8607 https://www.wordfence.com/threat-intel/vulnerabilities/id/f00eeaef-f277-481f-9e18-bf1ced0015a0?source=cve https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0888 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.1EPSS: 9%CPEs: 1EXPL: 2CVE-2019-10869 – Ninja Forms - File Uploads <= 3.0.22 - Unauthenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2019-10869
Path Traversal and Unrestricted File Upload exists in the Ninja Forms plugin before 3.0.23 for WordPress (when the Uploads add-on is activated). This allows an attacker to traverse the file system to access files and execute code via the includes/fields/upload.php (aka upload/submit page) name and tmp_name parameters. Existe un salto de directorio y una subida de archivo sin restricciones en el pugin Ninja Forms anterior a 3.0.23 para WordPress (cuando el add-on Uploads esta activado). Esto permite a un atacante atravesar el sistema de archivos para acceder a los archivos y ejecutar código a través de los parámetros includes/fields/upload.php (conocido como página upload/submit) nombre y tmp_name. • https://github.com/KTN1990/CVE-2019-10869 https://wpvulndb.com/vulnerabilities/9272 https://www.onvio.nl/nieuws/ninjaforms-vulnerability • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-434: Unrestricted Upload of File with Dangerous Type •