Vulnerabilities

CVE-2021-24165

by Fred · 05/04/2021

In the Ninja Forms Contact Form WordPress plugin before 3.4.34, the wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place.

Date published : 2021-04-05

https://wpscan.com/vulnerability/6147acf5-e43f-47e6-ab56-c9c8be584818

One Million Sites Affected: Four Severe Vulnerabilities Patched in Ninja Forms

Similar

Tags: Cybersecurity Alert