Lucene search
PatchstackCVELIST:CVE-2023-35909HistoryDec 07, 2023 - 11:15 a.m.
CVE-2023-35909 WordPress Ninja Forms Plugin <= 3.6.25 is vulnerable to Denial of Service Attack
2023-12-0711:15:26
CWE-400
Patchstack
www.cve.org
3
denial of service
uncontrolled resource consumption
wordpress plugin
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS
0.001
Percentile
17.0%
Uncontrolled Resource Consumption vulnerability in Saturday Drive Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress leading to DoS.This issue affects Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress: from n/a through 3.6.25.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "ninja-forms",
"product": "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress",
"vendor": "Saturday Drive",
"versions": [
{
"changes": [
{
"at": "3.6.26",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.6.25",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Denial of service
2023-12-07 12:15:00
cve
cve
CVE-2023-35909
2023-12-07 12:15:07
nvd
nvd
CVE-2023-35909
2023-12-07 12:15:07
openvas
openvas
WordPress Ninja Forms Contact Form Plugin < 3.6.26 Multiple Vulnerabilities
2023-08-31 00:00:00
wordfence
wordfence
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS
0.001
Percentile
17.0%
Related for CVELIST:CVE-2023-35909