Lucene search
+L

74 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-21298

Malware in sbrugna...

6.4CVSS4.7AI score0.00657EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-21297

Malware in sbrugna...

6.5CVSS6.4AI score0.01159EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-13517

Malware in sbrugna...

9.1CVSS9.3AI score0.01744EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-33259

Malicious code in bioql PyPI...

6.5CVSS8.6AI score0.00398EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.17 views

EUVD-2023-33832

Malicious code in bioql PyPI...

6.1CVSS6.9AI score0.00717EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/09/28 2:41 a.m.10 views

CVE-2025-10499

The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.12.0. This is due to missing or incorrect nonce validation on the maybeoptin function. This makes it possible for unauthenticated...

4.3CVSS5.2AI score0.00151EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/18 6:0 a.m.6 views

CVE-2025-9083 Ninja-forms < 3.11.1 - Unauthenticated PHP Objection

The Ninja Forms WordPress plugin before 3.11.1 unserializes user input via form field, which could allow Unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog...

6.3AI score0.00505EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/09/18 12:0 a.m.10 views

PT-2025-38301

Name of the Vulnerable Software and Affected Versions Ninja Forms WordPress plugin versions prior to 3.11.1 Description The Ninja Forms WordPress plugin is susceptible to PHP Object Injection due to the unserialization of user-supplied data through form fields. This allows unauthenticated users t...

9.8CVSS7AI score0.00505EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/05/23 5:35 a.m.9 views

CVE-2023-35909

Uncontrolled Resource Consumption vulnerability in Saturday Drive Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress leading to DoS.This issue affects Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress: from n/a through 3.6.25...

5.3CVSS6.7AI score0.00768EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:49 a.m.16 views

CVE-2023-5530

The Ninja Forms Contact Form WordPress plugin before 3.6.34 does not sanitize and escape its label fields, which could allow high privilege users such as admin to perform Stored XSS attacks. Only users with the unfilteredhtml capability can perform this, and such users are already allowed to use ...

4.8CVSS5.5AI score0.0062EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:5 p.m.11 views

CVE-2021-24165

In the Ninja Forms Contact Form WordPress plugin before 3.4.34, the wpajaxnfoauthconnect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place...

6.1CVSS6.6AI score0.01643EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:51 p.m.15 views

CVE-2020-8594

The Ninja Forms plugin 3.4.22 for WordPress has Multiple Stored XSS vulnerabilities via ninjaformsrecaptchasitekey, ninjaformsrecaptchasecretkey, ninjaformsrecaptchalang, or ninjaformsdateformat...

5.4CVSS6.2AI score0.01195EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:33 p.m.9 views

CVE-2020-36174

The Ninja Forms plugin before 3.4.27.1 for WordPress allows CSRF via services integration...

6.5CVSS7.1AI score0.00593EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:32 p.m.6 views

CVE-2020-36175

The Ninja Forms plugin before 3.4.27.1 for WordPress allows attackers to bypass validation via the email field...

5.3CVSS7AI score0.01183EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:31 p.m.11 views

CVE-2020-36173

The Ninja Forms plugin before 3.4.28 for WordPress lacks escaping for submissions-table fields...

5.3CVSS7.1AI score0.01117EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:2 a.m.9 views

CVE-2018-20981

The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests...

9.1CVSS7.1AI score0.01744EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:32 a.m.10 views

CVE-2019-15025

The ninja-forms plugin before 3.3.21.2 for WordPress has SQL injection in the search filter on the submissions page...

9.8CVSS8.1AI score0.01779EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:27 a.m.8 views

CVE-2018-20980

The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering...

7.5CVSS7.1AI score0.01392EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:43 a.m.11 views

CVE-2025-2561

The Ninja Forms WordPress plugin before 3.10.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.7AI score0.00212EPSS
Exploits1References1
OSV
OSV
added 2025/05/19 6:15 a.m.5 views

CVE-2025-2560

The Ninja Forms WordPress plugin before 3.10.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS7.3AI score0.00212EPSS
Exploits1References1
Rows per page
Query Builder