CVE-2025-14072
Ninja Forms < 3.13.3 - Unauthenticated Token Generation and Submission Disclosure
The Ninja Forms WordPress plugin before 3.13.3 allows unauthenticated attackers to generate valid access tokens via the REST API which can then be used to read form submissions.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Productos afectados
Unknown · Ninja Forms¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →