CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Ninjaforms: >> Ninja Forms >> 2.9.9 Security Vulnerabilities

CVE-2018-19796

An open redirect in the Ninja Forms plugin before 3.3.19.1 for WordPress allows Remote Attackers to redirect a user via the lib/StepProcessing/step-processing.php (aka submissions download page) redirect parameter.

CVSS Score

6.1

EPSS Score

0.003

Published

2018-12-03

CVE-2018-16308

The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection.

CVSS Score

8.6

EPSS Score

0.004

Published

2018-09-01

CVE-2018-7280

The Ninja Forms plugin before 3.2.14 for WordPress has XSS.

CVSS Score

6.1

EPSS Score

0.002

Published

2018-02-21

CVE-2016-1209

The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request.

CVSS Score

9.8

EPSS Score

0.773

Published

2016-05-14

Page 5

Vulnerabilities

Vulnerable Software

Ninjaforms: >> Ninja Forms >> 2.9.9 Security Vulnerabilities

Products

Pricing

Contact Us