CVE-2023-36505

Опубликовано: 17 апр. 2024

Источник: nvd

CVSS3: 6.8

CVSS3: 7.2

EPSS Низкий

Описание

Improper Input Validation vulnerability in Saturday Drive Ninja Forms Contact Form.This issue affects Ninja Forms Contact Form : from n/a through 3.6.24.

Ссылки

https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-contact-form-the-drag-and-drop-form-builder-for-wordpress-plugin-3-6-24-arbitrary-file-deletion-vulnerability?_s_id=cve
Third Party Advisory
https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-contact-form-the-drag-and-drop-form-builder-for-wordpress-plugin-3-6-24-arbitrary-file-deletion-vulnerability?_s_id=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*

Версия до 3.6.25 (исключая)

EPSS

Процентиль: 60%

0.00394

Низкий

6.8 Medium

CVSS3

7.2 High

CVSS3

Дефекты

CWE-20

NVD-CWE-noinfo

Связанные уязвимости

GHSA-v6h9-wr28-4v3c

CVSS3: 6.8

github

почти 2 года назад

Improper Input Validation vulnerability in Saturday Drive Ninja Forms Contact Form.This issue affects Ninja Forms Contact Form : from n/a through 3.6.24.

EPSS

Процентиль: 60%

0.00394

Низкий

6.8 Medium

CVSS3

7.2 High

CVSS3

Дефекты

CWE-20

NVD-CWE-noinfo