Vulnerabilities > Ninjaforms > Ninja Forms > 3.3.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-22 | CVE-2018-20981 | Improper Input Validation vulnerability in Ninjaforms Ninja Forms The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests. | 6.4 |
| 2018-12-03 | CVE-2018-19796 | Open Redirect vulnerability in Ninjaforms Ninja Forms An open redirect in the Ninja Forms plugin before 3.3.19.1 for WordPress allows Remote Attackers to redirect a user via the lib/StepProcessing/step-processing.php (aka submissions download page) redirect parameter. | 5.8 |
| 2018-09-01 | CVE-2018-16308 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Ninjaforms Ninja Forms The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection. | 6.8 |