Shodan
Vulnerabilities
Vulnerable Software
Ninjaforms:  >> Ninja Forms  >> 3.0.12  Security Vulnerabilities
CVE-2020-12462
The ninja-forms plugin before 3.4.24.2 for WordPress allows CSRF with resultant XSS.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-04-29
CVE-2017-18574
The ninja-forms plugin before 3.0.31 for WordPress has insufficient HTML escaping in the builder.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-22
CVE-2018-20980
The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-08-22
CVE-2018-20981
The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests.
CVSS Score
9.1
EPSS Score
0.006
Published
2019-08-22
CVE-2018-19796
An open redirect in the Ninja Forms plugin before 3.3.19.1 for WordPress allows Remote Attackers to redirect a user via the lib/StepProcessing/step-processing.php (aka submissions download page) redirect parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-12-03
CVE-2018-16308
The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection.
CVSS Score
8.6
EPSS Score
0.004
Published
2018-09-01
CVE-2018-7280
The Ninja Forms plugin before 3.2.14 for WordPress has XSS.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-02-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved