Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ninja forms vulnerabilities and exploits
(subscribe to this query)
756
VMScore
CVE-2016-1209
The Ninja Forms plugin prior to 2.9.42.1 for WordPress allows remote malicious users to conduct PHP object injection attacks via crafted serialized values in a POST request.
Ninjaforms Ninja Forms
1 EDB exploit
2 Github repositories
578
VMScore
CVE-2021-24889
The Ninja Forms Contact Form WordPress plugin prior to 3.6.4 does not escape keys of the fields POST parameter, which could allow high privilege users to perform SQL injections attacks
Ninjaforms Ninja Forms
445
VMScore
CVE-2020-36173
The Ninja Forms plugin prior to 3.4.28 for WordPress lacks escaping for submissions-table fields.
Ninjaforms Ninja Forms
383
VMScore
CVE-2018-7280
The Ninja Forms plugin prior to 3.2.14 for WordPress has XSS.
Ninjaforms Ninja Forms
NA
CVE-2023-37979
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions.
Ninjaforms Ninja Forms
4 Github repositories
383
VMScore
CVE-2020-12462
The ninja-forms plugin prior to 3.4.24.2 for WordPress allows CSRF with resultant XSS.
Ninjaforms Ninja Forms
435
VMScore
CVE-2018-19287
XSS in the Ninja Forms plugin prior to 3.3.18 for WordPress allows Remote malicious users to execute JavaScript via the includes/Admin/Menus/Submissions.php (aka submissions page) begin_date, end_date, or form_id parameter.
Ninjaforma Ninja Forms
1 EDB exploit
445
VMScore
CVE-2018-20980
The ninja-forms plugin prior to 3.2.15 for WordPress has parameter tampering.
Ninjaforms Ninja Forms
570
VMScore
CVE-2018-20981
The ninja-forms plugin prior to 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests.
Ninjaforms Ninja Forms
668
VMScore
CVE-2014-9688
Unspecified vulnerability in the Ninja Forms plugin prior to 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users.
Ninjaforms Ninja Forms
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »