Vulnerabilities > Ninjaforms > Ninja Forms > 3.5.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-22 | CVE-2021-34648 | Missing Authorization vulnerability in Ninjaforms Ninja Forms The Ninja Forms WordPress plugin is vulnerable to arbitrary email sending via the trigger_email_action function found in the ~/includes/Routes/Submissions.php file, in versions up to and including 3.5.7. | 4.3 |