Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Ninja Forms — Vulnerabilities & Security Advisories 18

All 18 CVE vulnerabilities found in Ninja Forms, with AI-generated Chinese analysis, references, and POCs.

Vendor: Saturday Drive

CVE IDTitleCVSSSeverityPublished
CVE-2025-14072 Ninja Forms < 3.13.3 - Unauthenticated Token Generation and Submission Disclosure 5.3 -2026-01-02
CVE-2025-9083 Ninja-forms < 3.11.1 - Unauthenticated PHP Objection 9.8AICriticalAI2025-09-18
CVE-2025-2561 Ninja Forms < 3.10.1 - Admin+ Stored XSS 4.8AIMediumAI2025-05-19
CVE-2025-2524 Ninja Forms < 3.10.1 - Admin+ Stored XSS 4.8AIMediumAI2025-05-19
CVE-2025-2560 Ninja Forms < 3.10.1 - Admin+ Stored XSS 4.8AIMediumAI2025-05-19
CVE-2024-50515 WordPress Ninja Forms – The Contact Form Builder That Grows With You plugin <= 3.8.16 - Cross Site Scripting (XSS) vulnerability CWE-79 5.9 Medium2024-11-19
CVE-2024-50514 WordPress Ninja Forms – The Contact Form Builder That Grows With You plugin <= 3.8.16 - Cross Site Scripting (XSS) vulnerability CWE-79 5.9 Medium2024-11-19
CVE-2024-43999 WordPress Ninja Forms plugin <= 3.8.11 - Cross Site Scripting (XSS) vulnerability CWE-79 5.9 Medium2024-09-17
CVE-2024-7354 Ninja Forms 3.8.6-3.8.10 - Reflected XSS 6.1AIMediumAI2024-09-02
CVE-2024-39628 WordPress Ninja Forms plugin <= 3.8.6 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 5.4 Medium2024-08-26
CVE-2024-37934 WordPress Ninja Forms plugin <= 3.8.4 - Subscriber+ Arbitrary Shortcode Execution vulnerability CWE-94 5.4 Medium2024-07-09
CVE-2023-38393 WordPress Ninja Forms plugin <= 3.6.25 - Subscriber+ Broken Access Control vulnerability CWE-862 7.6 High2024-06-19
CVE-2023-38386 WordPress Ninja Forms plugin <= 3.6.25 - Contributor+ Broken Access Control vulnerability CWE-862 7.6 High2024-06-19
CVE-2024-25572 WordPress Plugin Ninja Forms Contact Form 安全漏洞 8.8AIHighAI2024-04-11
CVE-2024-26019 WordPress Plugin Ninja Forms Contact Form 安全漏洞 6.1AIMediumAI2024-04-11
CVE-2024-29220 WordPress plugin Ninja Forms 安全漏洞 5.4AIMediumAI2024-04-11
CVE-2021-34647 Ninja Forms <= 3.5.7 Sensitive Information Disclosure CWE-863 6.5 Medium2021-09-22
CVE-2021-34648 Ninja Forms <= 3.5.7 Unprotected REST-API to Email Injection CWE-863 6.4 Medium2021-09-22

All 18 known CVE vulnerabilities affecting Ninja Forms with full Chinese analysis, references, and POCs where available.