PT-2026-60709 · Saturday Drive · Ninja Forms - Excel Export
CVE-2026-15161
·
Publicado
2026-07-17
·
Atualizado
2026-07-17
CVSS v3.1
6.4
Média
| Vetor | AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N |
The Ninja Forms - Excel Export plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.3.6. This is due to the save filter() AJAX handler storing the raw $ POST['filter'] array into a WordPress option via update option() without any capability check, nonce verification, or input sanitization, combined with the get filter row() method on the admin Excel Export screen concatenating the stored filter values (field key, condition, value) directly into HTML attributes without esc attr(). This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ninja Forms - Excel Export