Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label".
References
Configurations
History
21 Nov 2024, 06:14
Type | Values Removed | Values Added |
---|---|---|
References | () https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-contact-form-plugin-3-6-9-authenticated-stored-cross-site-scripting-xss-vulnerability?_s_id=cve - |
16 Sep 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label". |
07 Nov 2023, 03:36
Type | Values Removed | Values Added |
---|---|---|
Summary | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label". |
Information
Published : 2022-06-16 18:15
Updated : 2024-11-21 06:14
NVD link : CVE-2021-36827
Mitre link : CVE-2021-36827
CVE.ORG link : CVE-2021-36827
JSON object : View
Products Affected
ninjaforms
- ninja_forms
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')