Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

kstover — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting kstover. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by kstover:Ninja Forms – The Contact Form Builder That Grows With You
CVE IDTitleCVSSSeverityPublished
CVE-2026-1307 Ninja Forms <= 3.14.1 - Authenticated (Contributor+) Sensitive Information Disclosure via Block Editor Token — Ninja Forms – The Contact Form Builder That Grows With YouCWE-200 6.5 Medium2026-03-28
CVE-2026-2268 Ninja Forms <= 3.14.0 - Unauthenticated Information Disclosure in nf_ajax_submit AJAX Action — Ninja Forms – The Contact Form Builder That Grows With YouCWE-200 7.5 High2026-02-10
CVE-2025-11924 Ninja Forms – The Contact Form Builder That Grows With You <= 3.13.2 - Insecure Direct Object Reference to Unauthenticated Sensitive Information Exposure via Unscoped Bearer Token — Ninja Forms – The Contact Form Builder That Grows With YouCWE-639 7.5 High2025-12-17
CVE-2025-10498 Ninja Forms – The Contact Form Builder That Grows With You <= 3.12.0 - Cross-Site Request Forgery to Limited File Deletion — Ninja Forms – The Contact Form Builder That Grows With YouCWE-352 4.3 Medium2025-09-27
CVE-2025-10499 Ninja Forms – The Contact Form Builder That Grows With You <= 3.12.0 - Cross-Site Request Forgery to Plugin Settings Update — Ninja Forms – The Contact Form Builder That Grows With YouCWE-352 4.3 Medium2025-09-27
CVE-2025-5398 Ninja Forms <= 3.10.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via CSTI — Ninja Forms – The Contact Form Builder That Grows With YouCWE-79 6.4 Medium2025-06-27
CVE-2024-13470 Ninja Forms – The Contact Form Builder That Grows With You <= 3.8.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Ninja Forms – The Contact Form Builder That Grows With YouCWE-79 6.4 Medium2025-01-30
CVE-2024-12238 Ninja Forms – The Contact Form Builder That Grows With You <= 3.8.22 - Authenticated (Subscriber+) Arbitrary Shortcode Execution — Ninja Forms – The Contact Form Builder That Grows With YouCWE-94 6.3 Medium2024-12-29
CVE-2024-11052 Ninja Forms – The Contact Form Builder That Grows With You <= 3.8.19 - Unauthenticated Stored Cross-Site Scripting via Form Calculations — Ninja Forms – The Contact Form Builder That Grows With YouCWE-79 7.2 High2024-12-12
CVE-2024-3866 Ninja Forms Contact Form <= 3.8.15 - Reflected Self-Based Cross-Site Scripting via Referer — Ninja Forms – The Contact Form Builder That Grows With YouCWE-79 4.7 Medium2024-09-25
CVE-2024-2108 Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress <= 3.8.0 - Authenticated (Author+) Stored Cross-Site Scripting — Ninja Forms – The Contact Form Builder That Grows With YouCWE-79 4.6 Medium2024-03-29
CVE-2024-2113 Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress <= 3.8.0 - Cross-Site Request Forgery to Publicly Accessible Form Submission Export — Ninja Forms – The Contact Form Builder That Grows With YouCWE-352 4.3 Medium2024-03-29
CVE-2024-0685 Ninja Forms Contact Form <= 3.7.1 - Unauthenticated Second Order SQL Injection — Ninja Forms – The Contact Form Builder That Grows With YouCWE-89 5.9 Medium2024-02-02

This page lists every published CVE security advisory associated with kstover. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.