ninjaforms
Web & CMS Pluginscommercial
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting ninjaforms.
- CVE-2025-9083Ninja-forms < 3.11.1 - Unauthenticated PHP Objection9.8
- CVE-2023-5530Ninja Forms < 3.6.34 - Admin+ Stored XSS4.8
- CVE-2023-1835Ninja Forms < 3.6.22 - Reflected XSS6.1
- CVE-2021-25066Ninja Forms < 3.6.10 - Admin+ Stored Cross-Site Scripting via Import4.8
- CVE-2021-25056Ninja Forms < 3.6.10 - Admin+ Stored Cross-Site Scripting4.8
- CVE-2021-36827WordPress Ninja Forms Contact Form plugin <= 3.6.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability4.8
- CVE-2022-0888Ninja Forms - File Uploads Extension <= 3.3.0 - Arbitrary File Upload9.8
- CVE-2022-0889Ninja Forms - File Uploads Extension <= 3.3.12 - Reflected Cross-Site Scripting7.2
- CVE-2021-24889Ninja Forms < 3.6.4 - Admin+ SQL Injection7.2
- CVE-2021-24381NinjaForms < 3.5.8.2 - Admin+ Stored Cross-Site Scripting4.8
- CVE-2021-34647Ninja Forms <= 3.5.7 Sensitive Information Disclosure6.5
- CVE-2021-34648Ninja Forms <= 3.5.7 Unprotected REST-API to Email Injection6.4
- CVE-2021-24166Ninja Forms < 3.4.34 - CSRF to OAuth Service Disconnection5.4
- CVE-2021-24164Ninja Forms < 3.4.34.1 - Authenticated OAuth Connection Key Disclosure4.3
- CVE-2021-24165Ninja Forms < 3.4.34 - Administrator Open Redirect6.1