| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-1217 | Contact Form builder with drag & drop for WordPress – Kali Forms <= 2.3.41 - Missing Authorization to Arbitrary Plugin Deactivation | wpchill | Kali Forms — Contact Form & Drag-and-Drop Builder | High | 7.6 | 2024-02-20 18:56:35 | Deep Dive |
| CVE-2024-0685 | Ninja Forms Contact Form <= 3.7.1 - Unauthenticated Second Order SQL Injection | kstover | Ninja Forms – The Contact Form Builder That Grows With You | Medium | 5.9 | 2024-02-02 04:32:35 | Deep Dive |
| CVE-2024-22305 | WordPress Contact Form builder with drag & drop - Kali Forms Plugin <= 2.3.36 is vulnerable to Insecure Direct Object References (IDOR) | ali Forms | Contact Form builder with drag & drop for WordPress – Kali Forms | High | 7.5 | 2024-01-31 11:49:29 | Deep Dive |
| CVE-2023-35909 | WordPress Ninja Forms Plugin <= 3.6.25 is vulnerable to Denial of Service Attack | Saturday Drive | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | Medium | 5.3 | 2023-12-07 11:15:27 | Deep Dive |
| CVE-2020-36717 | Kali Forms <= 2.1.1 - Cross-Site Request Forgery | wpchill | Kali Forms — Contact Form & Drag-and-Drop Builder | High | 8.8 | 2023-06-07 01:51:36 | Deep Dive |
| CVE-2020-36720 | Kali Forms <= 2.1.1 - Missing Authorization to Settings Update | wpchill | Kali Forms — Contact Form & Drag-and-Drop Builder | High | 7.1 | 2023-06-07 01:51:34 | Deep Dive |
| CVE-2020-36712 | Kali Forms <= 2.1.1 - Unauthenticated Arbitrary Post Deletion | wpchill | Kali Forms — Contact Form & Drag-and-Drop Builder | High | 8.6 | 2023-06-07 01:51:32 | Deep Dive |
| CVE-2022-2903 | NinjaForms < 3.6.13 - Admin+ PHP Objection Injection | Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 高危 | - | 2022-09-26 12:35:34 | Deep Dive |
| CVE-2021-25066 | Ninja Forms < 3.6.10 - Admin+ Stored Cross-Site Scripting via Import | Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 中危 | - | 2022-07-04 13:05:27 | Deep Dive |
| CVE-2021-25056 | Ninja Forms < 3.6.10 - Admin+ Stored Cross-Site Scripting | Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 中危 | - | 2022-07-04 13:05:21 | Deep Dive |
| CVE-2021-24689 | Contact Forms - Drag & Drop Contact Form Builder <= 1.0.5 - Admin+ Arbitrary System File Read | Unknown | Contact Forms – Drag & Drop Contact Form Builder | 中危 | - | 2022-02-28 09:06:04 | Deep Dive |
| CVE-2021-24907 | Everest Forms < 1.8.0 - Reflected Cross-Site Scripting | Unknown | Contact Form, Drag and Drop Form Builder for WordPress – Everest Forms | 中危 | - | 2021-12-21 08:45:34 | Deep Dive |
| CVE-2021-24889 | Ninja Forms < 3.6.4 - Admin+ SQL Injection | Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 高危 | - | 2021-11-29 08:25:45 | Deep Dive |
| CVE-2021-24381 | NinjaForms < 3.5.8.2 - Admin+ Stored Cross-Site Scripting | Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 中危 | - | 2021-10-25 13:20:32 | Deep Dive |
| CVE-2021-24166 | Ninja Forms < 3.4.34 - CSRF to OAuth Service Disconnection | Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 中危 | - | 2021-04-05 18:27:43 | Deep Dive |
| CVE-2021-24165 | Ninja Forms < 3.4.34 - Administrator Open Redirect | Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 中危 | - | 2021-04-05 18:27:43 | Deep Dive |
| CVE-2021-24164 | Ninja Forms < 3.4.34.1 - Authenticated OAuth Connection Key Disclosure | Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 中危 | - | 2021-04-05 18:27:43 | Deep Dive |
| CVE-2021-24163 | Ninja Forms < 3.4.34 - Authenticated SendWP Plugin Installation and Client Secret Key Disclosure | Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 高危 | - | 2021-04-05 18:27:43 | Deep Dive |