CVE-2021-24166

The wp_ajax_nf_oauth_disconnect from the Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 had no nonce protection making it possible for attackers to craft a request to disconnect a site's OAuth connection.
Configurations

Configuration 1

cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*

Information

Published : 2021-04-05 07:15

Updated : 2021-04-09 03:22


NVD link : CVE-2021-24166

Mitre link : CVE-2021-24166

Products Affected
No products.
CWE