High severity7.2NVD Advisory· Published Sep 26, 2022· Updated Jun 17, 2026
CVE-2022-2903
CVE-2022-2903
Description
The Ninja Forms Contact Form WordPress plugin before 3.6.13 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <3.6.13
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/255b98ba-5da9-4424-a7e9-c438d8905864nvdExploitPatchThird Party Advisory
News mentions
0No linked articles in our index yet.