Lucene search
Chloe Chamberland (WordFence)PATCHSTACK:6EA775B7ECC28CD3302E8D2E3DE3A4D6HistorySep 22, 2021 - 12:00 a.m.
WordPress Ninja Forms Contact Form plugin <= 3.5.7 - Unprotected REST-API to Email Injection vulnerability
2021-09-2200:00:00
Chloe Chamberland (WordFence)
patchstack.com
8
0.001 Low
EPSS
Percentile
21.4%
Unprotected REST-API to Email Injection vulnerability discovered by Chloe Chamberland (WordFence) in WordPress Ninja Forms Contact Form plugin (versions <= 3.5.7).
Solution
Update the WordPress Ninja Forms Contact Form plugin to the latest available version (at least 3.5.8).
| CPE | Name | Operator | Version |
|---|---|---|---|
| ninja forms | le | 3.5.7 |
Related
wpvulndb
wpvulndb
Ninja Forms < 3.5.8 - Unprotected REST-API to Email Injection
2021-09-22 00:00:00
wpexploit
wpexploit
Ninja Forms < 3.5.8 - Unprotected REST-API to Email Injection
2021-09-22 00:00:00
cve
cve
CVE-2021-34648
2021-09-22 18:15:11
prion
prion
Code injection
2021-09-22 18:15:00
cvelist
cvelist
CVE-2021-34648 Ninja Forms <= 3.5.7 Unprotected REST-API to Email Injection
2021-09-22 00:00:00
nvd
nvd
CVE-2021-34648
2021-09-22 18:15:11
wordfence
wordfence
openvas
openvas
WordPress Ninja Forms Plugin < 3.5.8 Multiple Vulnerabilities
2021-10-12 00:00:00