4 matches found
CVE-2025-5398
creationtimestamp| type| source ---|---|--- 2025-06-27 09:53:54+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19683...
CVE-2025-5398
CVE-2025-5398 affects Ninja Forms – The Contact Form Builder That Grows With You (WordPress plugin). The CVE describes a Stored Cross-Site Scripting (CSTI) vulnerability due to insufficient output escaping in the templating engine, impacting all versions up to and including 3.10.2.1. Exploitation...
CVE-2025-5398 Ninja Forms <= 3.10.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via CSTI
The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the use of a templating engine in all versions up to, and including, 3.10.2.1 due to insufficient output escaping on user data passed through the template. This mak...
WordPress Ninja Forms plugin <= 3.10.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via CSTI vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via CSTI vulnerability discovered by Asaf Mozes in WordPress Plugin Ninja Forms versions = 3.10.2.1...