CVE-2025-14072
Ninja Forms < 3.13.3 - Unauthenticated Token Generation and Submission Disclosure
The Ninja Forms WordPress plugin before 3.13.3 allows unauthenticated attackers to generate valid access tokens via the REST API which can then be used to read form submissions.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Produtos afetados
Unknown · Ninja FormsQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →