Shodan
Vulnerabilities
Vulnerable Software
Ninjaforms:  >> Ninja Forms  >> 2.7  Security Vulnerabilities
CVE-2016-1209
The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request.
CVSS Score
9.8
EPSS Score
0.773
Published
2016-05-14
CVE-2015-2220
Multiple cross-site scripting (XSS) vulnerabilities in the Ninja Forms plugin before 2.8.9 for WordPress allow (1) remote attackers to inject arbitrary web script or HTML via the ninja_forms_field_1 parameter in a ninja_forms_ajax_submit action to wp-admin/admin-ajax.php or (2) remote administrators to inject arbitrary web script or HTML via the fields[1] parameter to wp-admin/post.php.
CVSS Score
4.3
EPSS Score
0.002
Published
2015-03-05
CVE-2014-9688
Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users.
CVSS Score
7.5
EPSS Score
0.003
Published
2015-03-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved