CVE-2022-0889 – Ninja Forms - File Uploads Extension <= 3.3.12 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-0889
The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to reflected cross-site scripting due to missing sanitization of the files filename parameter found in the ~/includes/ajax/controllers/uploads.php file which can be used by unauthenticated attackers to add malicious web scripts to vulnerable WordPress sites, in versions up to and including 3.3.12. El plugin Ninja Forms - File Uploads Extension de WordPress es vulnerable a un ataque de tipo cross-site scripting reflejado debido a una falta de saneo del parámetro files filename que se encuentra en el archivo ~/includes/ajax/controllers/uploads.php que puede ser usado por atacantes no autenticados para añadir scripts web maliciosos a sitios de WordPress vulnerables, en versiones hasta la 3.3.12 incluyéndola • https://ninjaforms.com/extensions/file-uploads/?changelog=1/#:~:text=3.3.13%20(30%20November%202021) https://www.wordfence.com/threat-intel/vulnerabilities/id/8c5642fa-d001-47c4-8acd-94ae944e5129?source=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-24889 – Ninja Forms < 3.6.4 - Admin+ SQL Injection
https://notcve.org/view.php?id=CVE-2021-24889
The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields POST parameter, which could allow high privilege users to perform SQL injections attacks El plugin Ninja Forms Contact Form de WordPress versiones anteriores a 3.6.4, no escapa las claves del parámetro POST de los campos, que podría permitir a usuarios con altos privilegios llevar a cabo ataques de inyecciones SQL • https://wpscan.com/vulnerability/55008a42-eb56-436c-bce0-10ee616d0495 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2021-24381 – NinjaForms < 3.5.8.2 - Admin+ Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-24381
The Ninja Forms Contact Form WordPress plugin before 3.5.8.2 does not sanitise and escape the custom class name of the form field created, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. El plugin Ninja Forms Contact Form de WordPress versiones anteriores a 3.5.8.2, no sanea ni escapa del nombre de la clase personalizada del campo form creado, lo que podría permitir a usuarios con altos privilegios llevar a cabo ataques de tipo Cross-Site Scripting incluso cuando la capacidad unfiltered_html está deshabilitada • https://wpscan.com/vulnerability/e383fae6-e0da-4aba-bb62-adf51c01bf8d • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-34647 – Ninja Forms <= 3.5.7 Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2021-34647
The Ninja Forms WordPress plugin is vulnerable to sensitive information disclosure via the bulk_export_submissions function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5.7. This allows authenticated attackers to export all Ninja Forms submissions data via the /ninja-forms-submissions/export REST API which can include personally identifiable information. El plugin Ninja Forms de WordPress es vulnerable a una divulgación de información confidencial por medio de la función bulk_export_submissions que se encuentra en el archivo ~/includes/Routes/Submissions.php, en versiones hasta la 3.5.7 incluyéndola. Esto permite a atacantes autenticados exportar todos los datos de los envíos de Ninja Forms por medio de la API REST /ninja-forms-submissions/export, que puede incluir información personal identificable • https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/Submissions.php?rev=2543837#L107 https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninja-forms-plugin-affects-over-1-million-site-owners • CWE-862: Missing Authorization CWE-863: Incorrect Authorization •
CVE-2021-34648 – Ninja Forms <= 3.5.7 Unprotected REST-API to Email Injection
https://notcve.org/view.php?id=CVE-2021-34648
The Ninja Forms WordPress plugin is vulnerable to arbitrary email sending via the trigger_email_action function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5.7. This allows authenticated attackers to send arbitrary emails from the affected server via the /ninja-forms-submissions/email-action REST API which can be used to socially engineer victims. El plugin Ninja Forms de WordPress es vulnerable al envío de correos electrónicos arbitrarios por medio de la función trigger_email_action que se encuentra en el archivo ~/includes/Routes/Submissions.php, en versiones hasta la 3.5.7 inclusive. Esto permite a atacantes autenticados enviar correos electrónicos arbitrarios desde el servidor afectado por medio de la API REST /ninja-forms-submissions/email-action, que puede ser usada para llevar a cabo ingeniería social a las víctimas • https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/Submissions.php?rev=2543837#L155 https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninja-forms-plugin-affects-over-1-million-site-owners • CWE-862: Missing Authorization CWE-863: Incorrect Authorization •