Lucene search
China National Vulnerability DatabaseCNVD-2022-67603HistoryMar 25, 2022 - 12:00 a.m.
WordPress Ninja Forms-File Uploads Extension Plugin Cross-Site Scripting Vulnerability
2022-03-2500:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
wordpress
ninja forms
file uploads
cross-site scripting
php
mysql
vulnerability
attack
web scripts
EPSS
0.001
Percentile
35.5%
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin for WordPress. WordPress Ninja Forms - File Uploads Extension Plugin 3.3.12 and earlier versions have a cross-site scripting vulnerability that vulnerability stems from the program not properly filtering the filename parameter in the ~/includs/ajax/controller/uploads.php file. An attacker could use this vulnerability to add malicious web scripts.
Related
prion
prion
Cross site scripting
2022-03-23 20:15:00
nvd
nvd
CVE-2022-0889
2022-03-23 20:15:10
patchstack
patchstack
wpvulndb
wpvulndb
cve
cve
CVE-2022-0889
2022-03-23 20:15:10
cvelist
cvelist
CVE-2022-0889
2022-03-23 19:46:49