Skip to main content

CVE-2023-37979

Description

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions.

NVD
Severity: MEDIUM
CVE ID: CVE-2023-37979
CVSS Score: 6.1
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Patchstack
Severity: HIGH
CVE ID: CVE-2023-37979
CVSS Score: 7.1
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Refrence: NVDMITRE

Proof Of Concept

Nuclei Templates for CVE-2023-37979
Mehran-Seifalinia

Refrence: GitHub

d0rb

CVE-2023-37979 PoC and Checker

Refrence: GitHub

Content on GitHub

codeb0ss | watchers:1

CVE-2023-37979
CVE-2023-37979 - WordPress Authenticated XSS in Ninja-forms Plugin + Upload File

Refrence: GitHub

Last updated on by Vulnerability_bot_v1.3.9