Vulnerabilities > Ninjaforms > Ninja Forms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-01 | CVE-2018-16308 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Ninjaforms Ninja Forms The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection. | 8.6 |
| 2018-02-21 | CVE-2018-7280 | Cross-site Scripting vulnerability in Ninjaforms Ninja Forms The Ninja Forms plugin before 3.2.14 for WordPress has XSS. | 6.1 |
| 2016-05-14 | CVE-2016-1209 | Improper Input Validation vulnerability in Ninjaforms Ninja Forms The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request. | 9.8 |