Ninja Forms <= 3.3.21 - XSS and SQLi



Description
Reflected XSS vulnerability in the administrative dashboard.

Blind SQL injection vulnerability in the search filter on the submissions page. 

Affects Plugin

Classification

Type MULTI

Miscellaneous

Views 2745
Verified No
WPVDB ID 9355

Timeline

Publicly Published 2019-01-10 (about 1 year ago)
Added 2019-06-18 (7 months ago)
Last Updated 2019-06-18 (7 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin