An open redirect in the Ninja Forms plugin prior to 3.3.19.1 for WordPress allows Remote malicious users to redirect a user via the lib/StepProcessing/step-processing.php (aka submissions download page) redirect parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ninjaforms ninja forms |