Ninja Forms

Authenticated (Contributor+) Stored CrossSite Scripting via Shortcode vulnerability <= 3.8.24

6.5

30 January, 2025

Authenticated (Subscriber+) Arbitrary Shortcode Execution vulnerability <= 3.8.22

6.3

30 December, 2024

Unauthenticated Stored CrossSite Scripting via Form Calculations vulnerability <= 3.8.19

7.1

12 December, 2024

Cross Site Scripting (XSS) vulnerability <= 3.8.16

5.9

28 October, 2024

Cross Site Scripting (XSS) vulnerability <= 3.8.16

5.9

28 October, 2024