E18-5orb1
CVSS:
4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
False Positive:
t
Variants:
1
Year:
2018
Description
This strike exploits a stored cross-site scripting vulnerability in WordPress Plugin Ninja Forms. The vulnerability is due to improper sanitization of the end date parameter. By successfully exploiting this vulnerability, an authenticated attacker could take control of the victims browser.
CVE
References
MSB
BID
ExploitDB
Secunia
Security Tracker
Metasploit
ZDI
OSVDB
{}