CVE-2021-24165 Scanner

Ninja Forms is a popular WordPress plugin that provides customizable forms for websites. It is used by businesses and bloggers alike to create contact forms, surveys, registration forms, and more. The plugin is highly user-friendly, allowing even those with little technical knowledge to create professional-looking forms with ease.

However, recently, a critical vulnerability was discovered in Ninja Forms. The CVE-2021-24165 vulnerability was spotted in the wp_ajax_nf_oauth_connect AJAX action. It left the plugin open to open redirects, which attackers could use to redirect users to malicious sites. This could lead to phishing attacks, identity theft, or other dangerous activities.

If exploited, the vulnerability posed a significant threat to website owners and users alike. Sensitive information such as usernames, passwords, and other private details could be compromised. Furthermore, redirects to malicious websites could lead to malware infections, ransomware attacks, and other malicious activities.

At SecurityForEveryone, we take digital security seriously. Our platform provides users with up-to-date information on known vulnerabilities, security threats, and other digital security issues. By using our pro features, businesses can keep their assets safe and secure, protecting themselves and their customers from potential harm. Don't leave your digital security to chance - sign up for SecurityForEveryone today.

REFERENCES

• https://wpscan.com/vulnerability/6147acf5-e43f-47e6-ab56-c9c8be584818
• https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/
• https://nvd.nist.gov/vuln/detail/CVE-2021-24165