// For flags

CVE-2019-10869

Ninja Forms - File Uploads <= 3.0.22 - Unauthenticated Arbitrary File Upload

Severity Score

8.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Path Traversal and Unrestricted File Upload exists in the Ninja Forms plugin before 3.0.23 for WordPress (when the Uploads add-on is activated). This allows an attacker to traverse the file system to access files and execute code via the includes/fields/upload.php (aka upload/submit page) name and tmp_name parameters.

Existe un salto de directorio y una subida de archivo sin restricciones en el pugin Ninja Forms anterior a 3.0.23 para WordPress (cuando el add-on Uploads esta activado). Esto permite a un atacante atravesar el sistema de archivos para acceder a los archivos y ejecutar código a través de los parámetros includes/fields/upload.php (conocido como página upload/submit) nombre y tmp_name.

*Credits: Jasper Weijts
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-04-04 CVE Reserved
  • 2019-04-11 CVE Published
  • 2019-05-17 First Exploit
  • 2024-08-04 CVE Updated
  • 2024-09-27 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  • CWE-434: Unrestricted Upload of File with Dangerous Type
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Ninjaforms
Search vendor "Ninjaforms"
Ninja Forms File Uploads
Search vendor "Ninjaforms" for product "Ninja Forms File Uploads"
< 3.0.23
Search vendor "Ninjaforms" for product "Ninja Forms File Uploads" and version " < 3.0.23"
wordpress
Affected