[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f73NJdFWFmH-W-NghBhrcs620st0gIF641qMFBu6hmpQ":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"WF-f3ebaf25-1bd3-4770-b4bd-30de83b31add-ninja-forms","ninja-forms-contact-form-the-drag-and-drop-form-builder-for-wordpress-arbitrary-wordpress-shortcode-injection","Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress \u003C= 3.0.31 - Arbitrary Wordpress Shortcode Injection","The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Arbitrary Wordpress Shortcode Injection in versions up to, and including, 3.0.31. This makes it possible for unauthenticated attackers to preview un-published forms and could possibly be used to leverage further attacks.","ninja-forms",null,"\u003C=3.0.31","3.0.32","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Improper Control of Generation of Code ('Code Injection')","2017-04-17 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff3ebaf25-1bd3-4770-b4bd-30de83b31add?source=api-prod",2472]