The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection.
References
Link | Resource |
---|---|
https://www.exploit-db.com/exploits/45234/ | Exploit Third Party Advisory VDB Entry |
https://wordpress.org/plugins/ninja-forms/#developers | Third Party Advisory |
https://packetstormsecurity.com/files/148993/WordPress-Ninja-Forms-3.3.13-CSV-Injection.html | Exploit Third Party Advisory VDB Entry |
Configurations
Information
Published : 2018-09-01 11:29
Updated : 2020-08-24 10:37
NVD link : CVE-2018-16308
Mitre link : CVE-2018-16308
JSON object : View
CWE
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
Products Affected
ninjaforms
- ninja_forms