Ninja Forms <= 3.3.21 - XSS and SQLi



Description
Reflected XSS vulnerability in the administrative dashboard.

Blind SQL injection vulnerability in the search filter on the submissions page. 

Affects Plugin

fixed in version 3.3.21.3

Classification

Type MULTI

Miscellaneous

Views 2500
Verified No
WPVDB ID 9355

Timeline

Publicly Published 2019-01-10 (10 months ago)
Added 2019-06-18 (5 months ago)
Last Updated 2019-06-18 (5 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin