CVE-2019-10869 – Ninja Forms - File Uploads <= 3.0.22 - Unauthenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2019-10869
Path traversal and unrestricted file upload exist in the Ninja Forms plugin before 3.0.23 for WordPress (when the Uploads add-on is activated). This allows an attacker to traverse the file system to access files and execute code via the includes/fields/upload.php (aka upload/submit page) name and tmp_name parameters.
References:
• https://github.com/KTN1990/CVE-2019-10869
• https://wpvulndb.com/vulnerabilities/9272
• https://www.onvio.nl/nieuws/ninjaforms-vulnerability
Weaknesses:
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
• CWE-434: Unrestricted Upload of File with Dangerous Type
CVE-2019-15025 – Ninja Forms Contact Form <= 3.3.21.1 - SQL Injection
https://notcve.org/view.php?id=CVE-2019-15025
The ninja-forms plugin before 3.3.21.2 for WordPress has SQL injection in the search filter on the submissions page.
References:
• https://wordpress.org/plugins/ninja-forms/#developers
Weaknesses:
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2018-19796 – Ninja Forms Contact Form <= 3.3.19 - Authenticated Open Redirect
https://notcve.org/view.php?id=CVE-2018-19796
An open redirect in the Ninja Forms plugin before 3.3.19.1 for WordPress allows remote attackers to redirect a user via the lib/StepProcessing/step-processing.php (aka submissions download page) redirect parameter.
References:
• https://plugins.trac.wordpress.org/changeset/1982808/ninja-forms/trunk/lib/StepProcessing/step-processing.php
• https://wordpress.org/plugins/ninja-forms/#developers
• https://wpvulndb.com/vulnerabilities/9154
Weaknesses:
• CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CVE-2018-16308 – Ninja Forms Contact Form <= 3.3.13 - CSV Injection
https://notcve.org/view.php?id=CVE-2018-16308
The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection.
References:
• https://packetstormsecurity.com/files/148993/WordPress-Ninja-Forms-3.3.13-CSV-Injection.html
• https://wordpress.org/plugins/ninja-forms/#developers
• https://www.exploit-db.com/exploits/45234
Weaknesses:
• CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
• CWE-1236: Improper Neutralization of Formula Elements in a CSV File
CVE-2018-20981 – Ninja Forms <= 3.3.8 - Insufficient Restrictions during Export Personal Data requests
https://notcve.org/view.php?id=CVE-2018-20981
The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests.
References:
• https://wordpress.org/plugins/ninja-forms/#developers
Weaknesses:
• CWE-20: Improper Input Validation