| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-34817 | WordPress Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability | CRM Perks | Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms | Medium | 4.3 | 2024-05-10 08:35:23 | Deep Dive |
| CVE-2023-36505 | WordPress Ninja Forms Plugin <= 3.6.24 is vulnerable to Arbitrary File Deletion | Saturday Drive | Ninja Forms Contact Form | Medium | 6.8 | 2024-04-17 09:09:33 | Deep Dive |
| CVE-2024-2108 | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress <= 3.8.0 - Authenticated (Author+) Stored Cross-Site Scripting | kstover | Ninja Forms – The Contact Form Builder That Grows With You | Medium | 4.6 | 2024-03-29 06:44:01 | Deep Dive |
| CVE-2024-2113 | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress <= 3.8.0 - Cross-Site Request Forgery to Publicly Accessible Form Submission Export | kstover | Ninja Forms – The Contact Form Builder That Grows With You | Medium | 4.3 | 2024-03-29 06:43:58 | Deep Dive |
| CVE-2024-0685 | Ninja Forms Contact Form <= 3.7.1 - Unauthenticated Second Order SQL Injection | kstover | Ninja Forms – The Contact Form Builder That Grows With You | Medium | 5.9 | 2024-02-02 04:32:35 | Deep Dive |
| CVE-2023-31095 | WordPress Integration for Contact Form 7 HubSpot Plugin <= 1.2.8 is vulnerable to Open Redirection | CRM Perks | Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms | Medium | 4.7 | 2023-12-29 09:50:01 | Deep Dive |
| CVE-2023-37982 | WordPress Integration for Contact Form 7 and Salesforce Plugin <= 1.3.3 is vulnerable to Open Redirection | CRM Perks | Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms | Medium | 4.7 | 2023-12-19 20:07:31 | Deep Dive |
| CVE-2023-47779 | WordPress Integration for Contact Form 7 and Constant Contact Plugin <= 1.1.4 is vulnerable to Open Redirection | CRM Perks | Integration for Constant Contact and Contact Form 7, WPForms, Elementor, Ninja Forms | Medium | 4.7 | 2023-12-07 12:11:33 | Deep Dive |
| CVE-2023-35909 | WordPress Ninja Forms Plugin <= 3.6.25 is vulnerable to Denial of Service Attack | Saturday Drive | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | Medium | 5.3 | 2023-12-07 11:15:27 | Deep Dive |
| CVE-2023-5530 | Ninja Forms < 3.6.34 - Admin+ Stored XSS | Unknown | Ninja Forms Contact Form | 中危 | - | 2023-11-06 20:41:41 | Deep Dive |
| CVE-2023-4109 | Ninja Forms < 3.6.26 - Admin+ Stored HTML Injection | Unknown | Ninja Forms Contact Form | 中危 | - | 2023-08-30 14:22:02 | Deep Dive |
| CVE-2023-37979 | WordPress Ninja Forms Plugin <= 3.6.25 is vulnerable to Cross Site Scripting (XSS) | Saturday Drive | Ninja Forms Contact Form | High | 7.1 | 2023-07-27 14:08:06 | Deep Dive |
| CVE-2023-1835 | Ninja Forms < 3.6.22 - Reflected XSS | Unknown | Ninja Forms Contact Form | 中危 | - | 2023-05-15 12:15:46 | Deep Dive |
| CVE-2022-2903 | NinjaForms < 3.6.13 - Admin+ PHP Objection Injection | Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 高危 | - | 2022-09-26 12:35:34 | Deep Dive |
| CVE-2021-25066 | Ninja Forms < 3.6.10 - Admin+ Stored Cross-Site Scripting via Import | Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 中危 | - | 2022-07-04 13:05:27 | Deep Dive |
| CVE-2021-25056 | Ninja Forms < 3.6.10 - Admin+ Stored Cross-Site Scripting | Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 中危 | - | 2022-07-04 13:05:21 | Deep Dive |
| CVE-2021-36827 | WordPress Ninja Forms Contact Form plugin <= 3.6.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability | Saturday Drive | Ninja Forms Contact Form (WordPress plugin) | Medium | 4.8 | 2022-06-16 17:11:17 | Deep Dive |
| CVE-2021-24889 | Ninja Forms < 3.6.4 - Admin+ SQL Injection | Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 高危 | - | 2021-11-29 08:25:45 | Deep Dive |
| CVE-2021-24381 | NinjaForms < 3.5.8.2 - Admin+ Stored Cross-Site Scripting | Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 中危 | - | 2021-10-25 13:20:32 | Deep Dive |
| CVE-2021-24164 | Ninja Forms < 3.4.34.1 - Authenticated OAuth Connection Key Disclosure | Unknown | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | 中危 | - | 2021-04-05 18:27:43 | Deep Dive |