Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-37979

Published: 27/07/2023 Updated: 04/08/2023
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ninjaforms ninja forms

Exploits

Exploit DB: WordPress Ninja Forms 3.6.25 Cross Site Scripting
WordPress Ninja Forms plugin version 3625 suffers from a cross site scripting vulnerability ...

Github Repositories

https://github.com/Mehran-Seifalinia/CVE-2023-37979

CVE-2023-37979 Exploit CVE ID CVSS Score Discovered Affected Plugin Vendor Vulnerability Type CVE-2023-37979 27/07/2023 WordPress Plugin Ninja-forms Reflected XSS Python Script CVE Python script exploits the reflected Cross-Site Scripting (XSS) vulnerability CVE-2023-37979 found in the Ninja-forms WordPress plugin This CVE could allow a malicious actor to inject m

https://github.com/d0rb/CVE-2023-37979

CVE-2023-37979 PoC and Checker

CVE-2023-37979 Unauth Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin &lt;= 3625 versions PoC and Checker , for educational purposes only 'python3 exploitpy targetcom'

https://github.com/codeb0ss/CVE-2023-37979

CVE-2023-37979 - WordPress Authenticated XSS in Ninja-forms Plugin + Upload File

Mass Exploiter Option 133x, Im Not Pretty Sure If It Worked %100 Or Not, Its Only Idea For Gaining More Access On Sites CVE-2023-37979 - WordPress Authenticated XSS in Ninja-forms Plugin + Upload File

https://github.com/Mehran-Seifalinia/CVE-2023-37979-

CVE-2023-37979 Exploit CVE ID CVSS Score Discovered Affected Plugin Vendor Vulnerability Type CVE-2023-37979 27/07/2023 WordPress Plugin Ninja-forms Reflected XSS Python Script CVE Python script exploits the reflected Cross-Site Scripting (XSS) vulnerability CVE-2023-37979 found in the Ninja-forms WordPress plugin This CVE could allow a malicious actor to inject m

References

CWE-79https://patchstack.com/articles/multiple-high-severity-vulnerabilities-in-ninja-forms-plugin?_s_id=cvehttps://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-reflected-cross-site-scripting-xss-vulnerability?_s_id=cvehttp://packetstormsecurity.com/files/173983/WordPress-Ninja-Forms-3.6.25-Cross-Site-Scripting.htmlhttps://nvd.nist.govhttps://packetstormsecurity.com/files/173983/WordPress-Ninja-Forms-3.6.25-Cross-Site-Scripting.htmlhttps://github.com/d0rb/CVE-2023-37979
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validationCVE-2012-1823malicious code‎CVE-2024-5770CVE-2023-45866CVE-2024-35687local usersCVE-2024-31246CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook