📦 Ninja Forms
by Ninjaforms
🔍 What is Ninja Forms?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability allows unauthenticated attackers to read arbitrary form definitions and submission records in Ninja Forms WordPress plugin. Attackers can exploit this using leaked bearer tokens fro...
This vulnerability allows unauthenticated attackers to inject malicious JavaScript into WordPress pages using the Ninja Forms plugin. When users visit compromised pages, the scripts execute in their b...
This CVE describes a Missing Authorization vulnerability in the Ninja Forms WordPress plugin that allows subscribers to perform unauthorized actions. It affects all Ninja Forms installations from unsp...
This CSRF vulnerability in Ninja Forms WordPress plugin allows attackers to trick authenticated administrators into performing unintended actions on their own websites. Attackers can exploit this by l...
This SQL injection vulnerability in the Ninja Forms Contact Form WordPress plugin allows authenticated administrators to execute arbitrary SQL commands. It affects WordPress sites running Ninja Forms ...
This vulnerability in the Ninja Forms WordPress plugin allows low-privileged users (like subscribers) to install and activate the SendWP plugin without authorization and retrieve sensitive client_secr...
This CSRF vulnerability in Ninja Forms WordPress plugin allows unauthenticated attackers to trick administrators into unknowingly enabling usage statistics collection. All WordPress sites using Ninja ...
This CSRF vulnerability in Ninja Forms WordPress plugin allows unauthenticated attackers to delete CSV export files by tricking administrators into clicking malicious links. It affects WordPress sites...
This vulnerability allows authenticated WordPress users with contributor-level access or higher to inject malicious scripts into pages using the Ninja Forms plugin. When other users visit those compro...
This vulnerability in the Ninja Forms WordPress plugin allows administrators to inject malicious scripts into plugin settings, which then execute when other users view those settings. It affects WordP...
This vulnerability allows authenticated WordPress users with contributor-level access or higher to inject malicious scripts into pages using the Ninja Forms plugin's shortcode. The scripts are stored ...
This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to execute arbitrary shortcodes through the Ninja Forms plugin. Attackers can leverage this to run malici...
This stored cross-site scripting (XSS) vulnerability in Ninja Forms WordPress plugin allows attackers to inject malicious scripts into web pages that are then executed when other users view those page...
This vulnerability allows unauthenticated attackers to inject malicious scripts via the Referer header in Ninja Forms Contact Form for WordPress. It affects all WordPress sites using Ninja Forms versi...
This vulnerability allows attackers to inject malicious scripts via specially crafted URLs in the Ninja Forms WordPress plugin. When high-privilege users like administrators click these links, the scr...