Ninja Forms <= 3.3.19 - Authenticated Open Redirect



Description
Open Redirect vulnerability in download submission page using URL parameter.

Affects Plugin

References

CVE 2018-19796
URL https://plugins.trac.wordpress.org/changeset/1982808/ninja-forms/trunk/lib/StepProcessing/step-processing.php

Classification

Type REDIRECT
CWE CWE-601

Miscellaneous

Original Researcher MTK (Muhammad Talha Khan)
Submitter MTK (Muhammad Talha Khan)
Submitter Website http://mtk911.cf
Submitter Twitter @m7k911
Views 4985
Verified No
WPVDB ID 9154

Timeline

Publicly Published 2018-12-01 (about 1 year ago)
Added 2018-12-04 (about 1 year ago)
Last Updated 2019-11-01 (about 1 month ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin