IDCVSSSummaryLast (major) updatePublished
CVE-2018-19796 5.8
An open redirect in the Ninja Forms plugin before 3.3.19.1 for WordPress allows Remote Attackers to redirect a user via the lib/StepProcessing/step-processing.php (aka submissions download page) redirect parameter.
03-12-2018 - 01:29 03-12-2018 - 01:29
CVE-2018-16308 6.8
The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection.
01-09-2018 - 14:29 01-09-2018 - 14:29
CVE-2018-7280 4.3
The Ninja Forms plugin before 3.2.14 for WordPress has XSS.
21-02-2018 - 11:29 21-02-2018 - 11:29
CVE-2015-2220 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the Ninja Forms plugin before 2.8.9 for WordPress allow (1) remote attackers to inject arbitrary web script or HTML via the ninja_forms_field_1 parameter in a ninja_forms_ajax_submit action to wp
02-12-2016 - 22:04 05-03-2015 - 11:59
CVE-2016-1209 7.5
The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request.
23-06-2016 - 13:54 14-05-2016 - 11:59
CVE-2014-9688 7.5
Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users.
05-03-2015 - 13:00 05-03-2015 - 11:59
Back to Top Mark selected
Back to Top