WordPress Plugin Vulnerabilities

Ninja Forms < 3.8.23 - Subscriber+ Arbitrary Shortcode Execution

Description

The plugin is vulnerable to arbitrary shortcode execution due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes.

Affects Plugins

Plugin icon
ninja-forms
Fixed in 3.8.23

References

CVE
CVE-2024-12238
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/524a2143-b15f-4edc-98de-dafef4c5bc00

Classification

Type
RCE
OWASP top 10
A1: Injection
CWE
CWE-94
CVSS
6.3 (medium)

Miscellaneous

Original Researcher
mikemyers
Verified
No
WPVDB ID
84d8ee5d-7026-4273-a18b-8d7ece1ab36e

Timeline

Publicly Published
2024-12-28 (about 1 year ago)
Added
2025-01-13 (about 1 year ago)
Last Updated
2025-01-13 (about 1 year ago)

Other

Published
Title
Published
2022-02-08
Title
PHP Everywhere < 3.0.0 - Subscriber+ RCE via Shortcode
Published
2025-04-25
Title
Anps Theme plugin < 1.1.2 - Unauthenticated Arbitrary Shortcode Execution
Published
2022-06-28
Title
Import any XML or CSV File to WordPress < 3.6.8 - Admin+ Arbitrary Code Execution
Published
2025-09-22
Title
WP User Frontend < 4.1.13 - Authenticated (Subscriber+) Arbitrary Shortcode Execution
Published
2024-10-25
Title
Uix Shortcodes < 2.0.0 - Unauthenticated Arbitrary Shortcode Execution