Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-03	CVE-2018-19796	Open Redirect vulnerability in Ninjaforms Ninja Forms An open redirect in the Ninja Forms plugin before 3.3.19.1 for WordPress allows Remote Attackers to redirect a user via the lib/StepProcessing/step-processing.php (aka submissions download page) redirect parameter. network low complexity ninjaforms CWE-601	6.1
2018-02-21	CVE-2018-7280	Cross-site Scripting vulnerability in Ninjaforms Ninja Forms The Ninja Forms plugin before 3.2.14 for WordPress has XSS. network low complexity ninjaforms CWE-79	6.1