CVE-2023-37979
Description
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions.
NVD
Severity: MEDIUM
CVE ID: CVE-2023-37979
CVSS Score: 6.1
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Patchstack
Severity: HIGH
CVE ID: CVE-2023-37979
CVSS Score: 7.1
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Proof Of Concept
Nuclei Templates for CVE-2023-37979
Refrence: Project Discovery GitHub
Mehran-Seifalinia
Refrence: GitHub
d0rb
CVE-2023-37979 PoC and Checker
Refrence: GitHub
Content on GitHub
codeb0ss | watchers:1
CVE-2023-37979
CVE-2023-37979 - WordPress Authenticated XSS in Ninja-forms Plugin + Upload File
Refrence: GitHub