Exposição de Ninja Forms
Form builders, WordPress plugins21
score de exposição
13.315
sites usam
0
em exploração
1
críticos
CVEs
18 resultadosCVE-2021-34647MEDIUMNinja Forms <= 3.5.7 Sensitive Information DisclosureEPSS 1.1%CVE-2024-7354MEDIUMNinja Forms 3.8.6-3.8.10 - Reflected XSSEPSS 0.7%CVE-2021-34648MEDIUMNinja Forms <= 3.5.7 Unprotected REST-API to Email InjectionEPSS 0.6%CVE-2024-26019MEDIUMNinja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in submit processing. If this vulnerability is exploited, an arbitrEPSS 0.5%CVE-2025-9083CRITICALNinja-forms < 3.11.1 - Unauthenticated PHP ObjectionEPSS 0.5%CVE-2024-37934MEDIUMWordPress Ninja Forms plugin <= 3.8.4 - Subscriber+ Arbitrary Shortcode Execution vulnerabilityEPSS 0.5%CVE-2024-29220MEDIUMNinja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in custom fields for labels. If this vulnerability is exploited, anEPSS 0.5%CVE-2023-38386HIGHWordPress Ninja Forms plugin <= 3.6.25 - Contributor+ Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-38393HIGHWordPress Ninja Forms plugin <= 3.6.25 - Subscriber+ Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-50515MEDIUMWordPress Ninja Forms – The Contact Form Builder That Grows With You plugin <= 3.8.16 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-50514MEDIUMWordPress Ninja Forms – The Contact Form Builder That Grows With You plugin <= 3.8.16 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-25572HIGHCross-site request forgery (CSRF) vulnerability exists in Ninja Forms prior to 3.4.31. If a website administrator views a malicious page whiEPSS 0.3%CVE-2025-14072MEDIUMNinja Forms < 3.13.3 - Unauthenticated Token Generation and Submission DisclosureEPSS 0.3%CVE-2024-43999MEDIUMWordPress Ninja Forms plugin <= 3.8.11 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2025-2524MEDIUMNinja Forms < 3.10.1 - Admin+ Stored XSSEPSS 0.3%CVE-2025-2560MEDIUMNinja Forms < 3.10.1 - Admin+ Stored XSSEPSS 0.2%CVE-2025-2561MEDIUMNinja Forms < 3.10.1 - Admin+ Stored XSSEPSS 0.2%CVE-2024-39628MEDIUMWordPress Ninja Forms plugin <= 3.8.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →