cve/2023/CVE-2023-37979.md

CVE-2023-37979

Description

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions.

POC

Reference

• http://packetstormsecurity.com/files/173983/WordPress-Ninja-Forms-3.6.25-Cross-Site-Scripting.html

Github

• https://github.com/Fire-Null/CVE-2023-37979
• https://github.com/Fire-Null/Write-Ups
• https://github.com/Mehran-Seifalinia/CVE-2023-37979
• https://github.com/codeb0ss/CVE-2023-37979
• https://github.com/d0rb/CVE-2023-37979
• https://github.com/nomi-sec/PoC-in-GitHub