Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label".
References
Configurations
History
16 Sep 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label". |
07 Nov 2023, 03:36
Type | Values Removed | Values Added |
---|---|---|
Summary | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label". |
Information
Published : 2022-06-16 18:15
Updated : 2024-09-16 20:15
NVD link : CVE-2021-36827
Mitre link : CVE-2021-36827
CVE.ORG link : CVE-2021-36827
JSON object : View
Products Affected
ninjaforms
- ninja_forms
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')