Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-35909: WordPress Ninja Forms plugin 3.6.25 - Denial of Service Attack vulnerability - Patchstack

Uncontrolled Resource Consumption vulnerability in Saturday Drive Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress leading to DoS.This issue affects Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress: from n/a through 3.6.25.

CVE
Open in Source
#vulnerability#web#dos#wordpress

Solution

Update to fix

Update the WordPress Ninja Forms plugin to the latest available version (at least 3.6.26).

Found this useful? Thank PetiteMais for reporting this vulnerability. Buy a coffee ☕

PetiteMais discovered and reported this Denial of Service Attack vulnerability in WordPress Ninja Forms Plugin. A denial of service attack occurs when a malicious actor can cause the endpoint, or website, to crash or refuse to serve requests to one or more users by causing it to hang, crash or make unusable. This vulnerability has been fixed in version 3.6.26.

Other vulnerabilities in this plugin

0 present

39 patched

View all

WordPress plugin developer?

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

Security researcher?

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE