CVE-2021-24163

Ninja Forms < 3.4.34 - Authenticated SendWP Plugin Installation and Client Secret Key Disclosure

EPSS 1.4%CWE-200

Vexday Risk Score

3Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS —EPSS 1.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

05 abr 2021Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

The AJAX action, wp_ajax_ninja_forms_sendwp_remote_install_handler, did not have a capability check on it, nor did it have any nonce protection, therefore making it possible for low-level users, such as subscribers, to install and activate the SendWP Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 and retrieve the client_secret key needed to establish the SendWP connection while also installing the SendWP plugin.

Productos afectados

Unknown · Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://wpscan.com/vulnerability/55fde9fa-f6cd-4546-bee8-4acc628251c2 https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/