exploitDog

CVE-2018-16308

Опубликовано: 01 сент. 2018

Источник: nvd

CVSS3: 8.6

CVSS2: 6.8

EPSS Низкий

Описание

The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection.

Ссылки

https://packetstormsecurity.com/files/148993/WordPress-Ninja-Forms-3.3.13-CSV-Injection.html
Exploit
Third Party Advisory
VDB Entry
https://wordpress.org/plugins/ninja-forms/#developers
Third Party Advisory
https://www.exploit-db.com/exploits/45234/
Exploit
Third Party Advisory
VDB Entry
https://packetstormsecurity.com/files/148993/WordPress-Ninja-Forms-3.3.13-CSV-Injection.html
Exploit
Third Party Advisory
VDB Entry
https://wordpress.org/plugins/ninja-forms/#developers
Third Party Advisory
https://www.exploit-db.com/exploits/45234/
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*

Версия до 3.3.14.1 (исключая)

EPSS

Процентиль: 58%

0.00358

Низкий

8.6 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-1236

Связанные уязвимости

GHSA-928w-73gm-m2g3

CVSS3: 8.6

github

больше 3 лет назад

The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection.

EPSS

Процентиль: 58%

0.00358

Низкий

8.6 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-1236