Unprotected REST-API to Email Injection vulnerability discovered by Chloe Chamberland (WordFence) in WordPress Ninja Forms Contact Form plugin (versions <= 3.5.7).
Update the WordPress Ninja Forms Contact Form plugin to the latest available version (at least 3.5.8).
CPE | Name | Operator | Version |
---|---|---|---|
ninja forms | le | 3.5.7 |