Vulnerabilities > Ninjaforms > Ninja Forms > 3.6.28
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-06 | CVE-2023-5530 | Cross-site Scripting vulnerability in Ninjaforms Ninja Forms The Ninja Forms Contact Form WordPress plugin before 3.6.34 does not sanitize and escape its label fields, which could allow high privilege users such as admin to perform Stored XSS attacks. | 4.8 |