[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fY4YppVqrFYpBSRKZ1TuvliBuK8trfu3nGxFDiUSYSMw":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2021-24889","ninja-forms-contact-form-authenticated-sql-injection","Ninja Forms Contact Form \u003C= 3.6.3 - Authenticated SQL Injection","The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields POST parameter, which could allow high privilege users to perform SQL injections attacks","ninja-forms",null,"\u003C3.6.4","3.6.4","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2021-10-26 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5340204a-8a4f-4e23-82a1-c228b884c34a?source=api-prod",819]