| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2021-36827 | 79 | | XSS | 2022-06-16 | 2022-06-27 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label". |
| 2 | CVE-2021-34648 | 863 | | | 2021-09-22 | 2021-09-29 | 4.0 | None | Remote | Low | ??? | None | Partial | None | The Ninja Forms WordPress plugin is vulnerable to arbitrary email sending via the trigger_email_action function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5.7. This allows authenticated attackers to send arbitrary emails from the affected server via the /ninja-forms-submissions/email-action REST API, which can be used to socially engineer victims. |
| 3 | CVE-2021-34647 | 863 | | | 2021-09-22 | 2021-09-29 | 4.0 | None | Remote | Low | ??? | Partial | None | None | The Ninja Forms WordPress plugin is vulnerable to sensitive information disclosure via the bulk_export_submissions function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5.7. This allows authenticated attackers to export all Ninja Forms submissions data via the /ninja-forms-submissions/export REST API, which can include personally identifiable information. |
| 4 | CVE-2021-24889 | 89 | | Sql | 2021-11-29 | 2021-11-29 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields POST parameter, which could allow high privilege users to perform SQL injection attacks. |
| 5 | CVE-2021-24166 | 352 | | | 2021-04-05 | 2021-04-09 | 5.8 | None | Remote | Medium | Not required | None | Partial | Partial | The wp_ajax_nf_oauth_disconnect from the Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 had no nonce protection, making it possible for attackers to craft a request to disconnect a site's OAuth connection. |
| 6 | CVE-2021-24165 | 601 | | | 2021-04-05 | 2021-04-09 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None | In the Ninja Forms Contact Form WordPress plugin before 3.4.34, the wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place. |
| 7 | CVE-2021-24164 | 200 | | +Info | 2021-04-05 | 2021-04-09 | 4.0 | None | Remote | Low | ??? | Partial | None | None | In the Ninja Forms Contact Form WordPress plugin before 3.4.34.1, low-level users, such as subscribers, were able to trigger the action, wp_ajax_nf_oauth, and retrieve the connection URL needed to establish a connection. They could also retrieve the client_id for an already established OAuth connection. |
| 8 | CVE-2021-24163 | 200 | | +Info | 2021-04-05 | 2021-04-09 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | The AJAX action, wp_ajax_ninja_forms_sendwp_remote_install_handler, did not have a capability check on it, nor did it have any nonce protection, therefore making it possible for low-level users, such as subscribers, to install and activate the SendWP Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 and retrieve the client_secret key needed to establish the SendWP connection while also installing the SendWP plugin. |
| 9 | CVE-2020-36175 | 863 | | Bypass | 2021-01-06 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | None | Partial | None | The Ninja Forms plugin before 3.4.27.1 for WordPress allows attackers to bypass validation via the email field. |
| 10 | CVE-2020-36174 | 352 | | CSRF | 2021-01-06 | 2021-01-08 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | The Ninja Forms plugin before 3.4.27.1 for WordPress allows CSRF via services integration. |
| 11 | CVE-2020-36173 | 863 | | | 2021-01-06 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | None | Partial | None | The Ninja Forms plugin before 3.4.28 for WordPress lacks escaping for submissions-table fields. |
| 12 | CVE-2020-12462 | 352 | | XSS CSRF | 2020-04-29 | 2020-05-06 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | The ninja-forms plugin before 3.4.24.2 for WordPress allows CSRF with resultant XSS. |
| 13 | CVE-2020-8594 | 79 | | XSS | 2020-02-14 | 2020-02-18 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | The Ninja Forms plugin 3.4.22 for WordPress has multiple Stored XSS vulnerabilities via ninja_forms[recaptcha_site_key], ninja_forms[recaptcha_secret_key], ninja_forms[recaptcha_lang], or ninja_forms[date_format]. |
| 14 | CVE-2018-20981 | 20 | | | 2019-08-22 | 2019-08-26 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests. |
| 15 | CVE-2018-20980 | 20 | | | 2019-08-22 | 2019-08-26 | 5.0 | None | Remote | Low | Not required | None | Partial | None | The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering. |
| 16 | CVE-2018-19796 | 601 | | | 2018-12-03 | 2020-03-03 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None | An open redirect in the Ninja Forms plugin before 3.3.19.1 for WordPress allows remote attackers to redirect a user via the lib/StepProcessing/step-processing.php (aka submissions download page) redirect parameter. |
| 17 | CVE-2018-16308 | 1236 | | | 2018-09-01 | 2020-08-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection. |
| 18 | CVE-2018-7280 | 79 | | XSS | 2018-02-21 | 2018-03-05 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | The Ninja Forms plugin before 3.2.14 for WordPress has XSS. |
| 19 | CVE-2017-18574 | 20 | | | 2019-08-22 | 2019-08-26 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | The ninja-forms plugin before 3.0.31 for WordPress has insufficient HTML escaping in the builder. |
| 20 | CVE-2016-1209 | 20 | | | 2016-05-14 | 2016-06-23 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request. |
| 21 | CVE-2015-2220 | 79 | | XSS | 2015-03-05 | 2018-10-09 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | Multiple cross-site scripting (XSS) vulnerabilities in the Ninja Forms plugin before 2.8.9 for WordPress allow (1) remote attackers to inject arbitrary web script or HTML via the ninja_forms_field_1 parameter in a ninja_forms_ajax_submit action to wp-admin/admin-ajax.php or (2) remote administrators to inject arbitrary web script or HTML via the fields[1] parameter to wp-admin/post.php. |
| 22 | CVE-2014-9688 | | | | 2015-03-05 | 2015-03-05 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users. |