Open Redirect Vulnerability in Ninja Forms Plugin for WordPress

CVE-2018-19796 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

An open redirect in the Ninja Forms plugin before 3.3.19.1 for WordPress allows Remote Attackers to redirect a user via the lib/StepProcessing/step-processing.php (aka submissions download page) redirect parameter.

Learn more about our Wordpress Pen Testing.