Vulnerabilidades en kstover
13 resultadosCVE-2024-0685MEDIUMNinja Forms Contact Form <= 3.7.1 - Unauthenticated Second Order SQL InjectionEPSS 0.8%CVE-2024-12238MEDIUMNinja Forms – The Contact Form Builder That Grows With You <= 3.8.22 - Authenticated (Subscriber+) Arbitrary Shortcode ExecutionEPSS 0.5%CVE-2025-11924HIGHNinja Forms – The Contact Form Builder That Grows With You <= 3.13.2 - Insecure Direct Object Reference to Unauthenticated Sensitive Information Exposure via Unscoped Bearer TokenEPSS 0.4%CVE-2024-2108MEDIUMNinja Forms Contact Form – The Drag and Drop Form Builder for WordPress <= 3.8.0 - Authenticated (Author+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2026-2268HIGHNinja Forms <= 3.14.0 - Unauthenticated Information Disclosure in nf_ajax_submit AJAX ActionEPSS 0.3%CVE-2024-11052HIGHNinja Forms – The Contact Form Builder That Grows With You <= 3.8.19 - Unauthenticated Stored Cross-Site Scripting via Form CalculationsEPSS 0.3%CVE-2024-13470MEDIUMNinja Forms – The Contact Form Builder That Grows With You <= 3.8.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.3%CVE-2024-3866MEDIUMNinja Forms Contact Form <= 3.8.15 - Reflected Self-Based Cross-Site Scripting via RefererEPSS 0.3%CVE-2024-2113MEDIUMNinja Forms Contact Form – The Drag and Drop Form Builder for WordPress <= 3.8.0 - Cross-Site Request Forgery to Publicly Accessible Form Submission ExportEPSS 0.2%CVE-2026-1307MEDIUMNinja Forms <= 3.14.1 - Authenticated (Contributor+) Sensitive Information Disclosure via Block Editor TokenEPSS 0.2%CVE-2025-5398MEDIUMNinja Forms <= 3.10.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via CSTIEPSS 0.2%CVE-2025-10498MEDIUMNinja Forms – The Contact Form Builder That Grows With You <= 3.12.0 - Cross-Site Request Forgery to Limited File DeletionEPSS 0.2%CVE-2025-10499MEDIUMNinja Forms – The Contact Form Builder That Grows With You <= 3.12.0 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.2%