WordPress Plugin Vulnerabilities

Ninja Forms Contact Form < 3.7.2 - Unauthenticated Second Order SQL Injection

Description

The plugin is vulnerable to Second Order SQL Injection via the email address value submitted through forms due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to inject SQL in their email address that will append additional into the already existing query when an administrator triggers a personal data export.

Affects Plugins

Plugin icon
ninja-forms
Fixed in 3.7.2

References

CVE
CVE-2024-0685
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/3cb73d5d-ca4a-4103-866d-f7bb369a8ce4

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
5.9 (medium)

Miscellaneous

Original Researcher
stealthcopter
Verified
No
WPVDB ID
8e5c6259-f7d6-474d-932b-a5d186b94c2a

Timeline

Publicly Published
2024-02-01 (about 2 years ago)
Added
2024-02-02 (about 2 years ago)
Last Updated
2024-02-02 (about 2 years ago)

Other

Published
Title
Published
2025-03-03
Title
teachPress < 9.0.8 - Authenticated (Contributor+) SQL Injection
Published
2017-08-07
Title
Easy Modal < 2.1.0 - Authenticated SQL Injection
Published
2023-07-18
Title
WP Donate < 1.5 - Unauthenticated SQL Injection
Published
2025-02-24
Title
Yawave <= 2.9.1 - Unauthenticated SQL Injection
Published
2021-11-15
Title
Modern Events Calendar < 6.1.5 - Unauthenticated Blind SQL Injection