Vulnerability Description
The Ninja Forms WordPress plugin is vulnerable to arbitrary email sending via the trigger_email_action function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5.7. This allows authenticated attackers to send arbitrary emails from the affected server via the /ninja-forms-submissions/email-action REST API which can be used to socially engineer victims.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ninjaforms | Ninja Forms | <= 3.5.7 |
Related Weaknesses (CWE)
References
- https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/SubPatchThird Party Advisory
- https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninjaExploitThird Party Advisory
- https://plugins.trac.wordpress.org/browser/ninja-forms/trunk/includes/Routes/SubPatchThird Party Advisory
- https://www.wordfence.com/blog/2021/09/recently-patched-vulnerabilities-in-ninjaExploitThird Party Advisory
FAQ
What is CVE-2021-34648?
CVE-2021-34648 is a vulnerability with a CVSS score of 6.4 (MEDIUM). The Ninja Forms WordPress plugin is vulnerable to arbitrary email sending via the trigger_email_action function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5...
How severe is CVE-2021-34648?
CVE-2021-34648 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-34648?
Check the references section above for vendor advisories and patch information. Affected products include: Ninjaforms Ninja Forms.