High Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Request Forgery (2.7.7)	CWE-352	CWE-352	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Request Forgery (3.4.27)	CVE-2020-36174 CWE-352	CWE-352	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (2.8.6)	CVE-2014-8815 CWE-79	CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (2.9.10)	CWE-79	CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (2.9.18)	CWE-79	CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (2.9.28)	CWE-79	CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (2.9.31)	CWE-79	CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.2.13)	CVE-2018-7280 CWE-79	CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.3.17)	CVE-2018-19287 CWE-79	CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.3.21)	CWE-79	CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.4.22.1)	CVE-2020-8594 CWE-79	CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.5.8)	CWE-79	CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.5.8.1)	CVE-2021-24381 CWE-79	CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.6.6)	CWE-79	CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.6.21)	CVE-2023-1835 CWE-79	CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Cross-Site Scripting Vulnerabilities (2.8.8)	CVE-2015-2220 CWE-79	CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Cross-Site Scripting Vulnerabilities (2.9.21)	CWE-79	CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Cross-Site Scripting Vulnerabilities (2.9.51)	CWE-79	CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Vulnerabilities (2.9.42)	CVE-2016-1209 CWE-264 CWE-434 CWE-915	CWE-264 CWE-434 CWE-915	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Vulnerabilities (3.3.13)	CVE-2018-16308 CWE-20 CWE-79	CWE-20 CWE-79	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Vulnerabilities (3.4.33)	CVE-2021-24163 CVE-2021-24165 CVE-2021-24166 CWE-200 CWE-352 CWE-601	CWE-200 CWE-352 CWE-601	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Vulnerabilities (3.4.34)	CVE-2021-24164 CWE-79 CWE-200	CWE-79 CWE-200	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Open Redirect (3.3.19)	CVE-2018-19796 CWE-601	CWE-601	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress PHP Code Injection (3.6.10)	CWE-94	CWE-94	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress PHP Object Injection (3.6.12)	CVE-2022-2903 CWE-915	CWE-915	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Security Bypass (3.0.30)	CWE-264	CWE-264	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Security Bypass (3.5.7)	CVE-2021-34647 CVE-2021-34648 CWE-264	CWE-264	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (2.9.29)	CWE-89	CWE-89	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (2.9.55.1)	CWE-89	CWE-89	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (3.3.21.1)	CVE-2019-15025 CWE-89	CWE-89	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (3.6.3)	CVE-2021-24889 CWE-89	CWE-89	High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Unspecified Vulnerability (2.8.9)	CVE-2014-9688		High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Unspecified Vulnerability (2.9.24)			High
WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Unspecified Vulnerability (3.4.27.1)	CVE-2020-36173		High
WordPress Plugin Ninja Forms with File Uploads Extension Arbitrary File Upload (3.3.0)	CVE-2022-0888 CWE-434	CWE-434	High
WordPress Plugin Ninja Forms with File Uploads Extension Cross-Site Scripting (3.3.12)	CVE-2022-0889 CWE-79	CWE-79	High
WordPress Plugin Ninja Forms with File Uploads Extension Multiple Vulnerabilities (3.0.22)	CVE-2019-10869 CWE-22 CWE-434	CWE-22 CWE-434	High
WordPress Plugin Ninja Popups Multiple Vulnerabilities (4.5.3)	CWE-22 CWE-915	CWE-22 CWE-915	High
WordPress Plugin Nmedia MailChimp Widget 'abs_path' Parameter Remote File Include (3.1)	CWE-94	CWE-94	High
WordPress Plugin Nmedia WordPress Member Conversation 'doupload.php' Arbitrary File Upload (1.3)	CVE-2012-3577 CWE-264	CWE-264	High
WordPress Plugin No Follow All External Links Spam Injection (2.3.0)	CWE-610	CWE-610	High
WordPress Plugin Nofollow for external link Multiple Unspecified Vulnerabilities (1.1.2)			High
WordPress Plugin Nofollow Links Cross-Site Scripting (1.0.10)	CVE-2016-4833 CWE-79	CWE-79	High
WordPress Plugin Nokia Maps & Places Cross-Site Scripting (1.6.6)	CVE-2014-1750 CWE-79	CWE-79	High
WordPress Plugin Nooz Cross-Site Scripting (1.6.0)	CVE-2023-25794 CWE-79	CWE-79	High
WordPress Plugin No Page Comment Multiple Vulnerabilities (1.1)	CWE-79 CWE-352	CWE-79 CWE-352	High
WordPress Plugin NOSpamPTI SQL Injection (2.1)	CVE-2013-5917 CWE-89	CWE-89	High
WordPress Plugin Note Press SQL Injection (0.1.1)	CWE-89	CWE-89	High
WordPress Plugin Notices Ticker Cross-Site Request Forgery (5.0)	CWE-352	CWE-352	High
WordPress Plugin Notices Ticker Cross-Site Scripting (6.1)	CVE-2021-38328 CWE-79	CWE-79	High
WordPress Plugin Notification-Custom Notifications and Alerts for WordPress Cross-Site Scripting (7.2.4)	CVE-2021-39340 CWE-79	CWE-79	High
WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar Cross-Site Request Forgery (1.8.2)	CWE-352	CWE-352	High
WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar SQL Injection (2.3.8)	CVE-2022-0349 CWE-89	CWE-89	High
WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar SQL Injection (2.3.11)	CWE-89	CWE-89	High
WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar SQL Injection (2.8.2)	CVE-2024-1698 CWE-89	CWE-89	High
WordPress Plugin NS Utilities Unspecified Vulnerability (1.0)			High
WordPress Plugin Numbers generator and validator Multiple Unspecified Vulnerabilities (1.02)			High
WordPress Plugin O2Tweet Cross-Site Request Forgery (0.0.4)	CVE-2014-9338 CWE-352	CWE-352	High
WordPress Plugin OAuth client Single Sign On for WordPress (OAuth 2.0 SSO) Security Bypass (3.0.3)	CVE-2022-3119 CWE-287	CWE-287	High
WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) Cross-Site Scripting (6.20.2)	CWE-79	CWE-79	High
WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) Multiple Cross-Site Request Forgery Vulnerabilities (6.24.1)	CVE-2023-1092 CVE-2023-1093 CWE-352	CWE-352	High
WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) Security Bypass (6.22.5)	CVE-2022-2133 CWE-287	CWE-287	High
WordPress Plugin Occasions Cross-Site Request Forgery (1.0.4)	CWE-352	CWE-352	High
WordPress Plugin Ocean Extra Cross-Site Request Forgery (1.6.5)	CWE-352	CWE-352	High
WordPress Plugin Ocean Extra Cross-Site Scripting (1.9.4)	CVE-2021-25104 CWE-79	CWE-79	High
WordPress Plugin Ocean Extra Cross-Site Scripting (2.1.1)	CVE-2023-23891 CWE-79	CWE-79	High
WordPress Plugin Ocean Extra Multiple Vulnerabilities (2.1.2)	CVE-2023-0749 CVE-2023-24399 CWE-79 CWE-639	CWE-79 CWE-639	High
WordPress Plugin Ocean Extra PHP Object Injection (2.0.4)	CVE-2022-3374 CWE-915	CWE-915	High
WordPress Plugin Ocean Extra Security Bypass (1.5.8)	CVE-2019-16250 CWE-264	CWE-264	High
WordPress Plugin OdiHost Newsletter 'openstat.php' SQL Injection (1.0)	CWE-89	CWE-89	High
WordPress Plugin Official MailerLite Sign Up Forms Cross-Site Request Forgery (1.4.4)	CWE-352	CWE-352	High
WordPress Plugin Official MailerLite Sign Up Forms SQL Injection (1.4.3)	CWE-89	CWE-89	High
WordPress Plugin OG Tags Cross-Site Request Forgery (2.0.1)	CVE-2021-20831 CWE-352	CWE-352	High
WordPress Plugin Oi Yandex.Maps for WordPress Cross-Site Scripting (3.2.7)	CVE-2023-22721 CWE-79	CWE-79	High
WordPress Plugin Oleggo LiveStream Cross-Site Scripting (0.2.6)	CVE-2014-4540 CWE-79	CWE-79	High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Request Forgery (2.7.7)

CWE-352

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Request Forgery (3.4.27)

CVE-2020-36174

CWE-352

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (2.8.6)

CVE-2014-8815

CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (2.9.10)

CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (2.9.18)

CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (2.9.28)

CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (2.9.31)

CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.2.13)

CVE-2018-7280

CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.3.17)

CVE-2018-19287

CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.3.21)

CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.4.22.1)

CVE-2020-8594

CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.5.8)

CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.5.8.1)

CVE-2021-24381

CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.6.6)

CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.6.21)

CVE-2023-1835

CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Cross-Site Scripting Vulnerabilities (2.8.8)

CVE-2015-2220

CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Cross-Site Scripting Vulnerabilities (2.9.21)

CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Cross-Site Scripting Vulnerabilities (2.9.51)

CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Vulnerabilities (2.9.42)

CVE-2016-1209

CWE-264 CWE-434 CWE-915

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Vulnerabilities (3.3.13)

CVE-2018-16308

CWE-20 CWE-79

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Vulnerabilities (3.4.33)

CVE-2021-24163 CVE-2021-24165 CVE-2021-24166

CWE-200 CWE-352 CWE-601

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Vulnerabilities (3.4.34)

CVE-2021-24164

CWE-79 CWE-200

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Open Redirect (3.3.19)

CVE-2018-19796

CWE-601

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress PHP Code Injection (3.6.10)

CWE-94

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress PHP Object Injection (3.6.12)

CVE-2022-2903

CWE-915

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Security Bypass (3.0.30)

CWE-264

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Security Bypass (3.5.7)

CVE-2021-34647 CVE-2021-34648

CWE-264

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (2.9.29)

CWE-89

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (2.9.55.1)

CWE-89

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (3.3.21.1)

CVE-2019-15025

CWE-89

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (3.6.3)

CVE-2021-24889

CWE-89

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Unspecified Vulnerability (2.8.9)

CVE-2014-9688

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Unspecified Vulnerability (2.9.24)

High

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Unspecified Vulnerability (3.4.27.1)

CVE-2020-36173

High

WordPress Plugin Ninja Forms with File Uploads Extension Arbitrary File Upload (3.3.0)

CVE-2022-0888

CWE-434

High

WordPress Plugin Ninja Forms with File Uploads Extension Cross-Site Scripting (3.3.12)

CVE-2022-0889

CWE-79

High

WordPress Plugin Ninja Forms with File Uploads Extension Multiple Vulnerabilities (3.0.22)

CVE-2019-10869

CWE-22 CWE-434

High

WordPress Plugin Ninja Popups Multiple Vulnerabilities (4.5.3)

CWE-22 CWE-915

High

WordPress Plugin Nmedia MailChimp Widget 'abs_path' Parameter Remote File Include (3.1)

CWE-94

High

WordPress Plugin Nmedia WordPress Member Conversation 'doupload.php' Arbitrary File Upload (1.3)

CVE-2012-3577

CWE-264

High

WordPress Plugin No Follow All External Links Spam Injection (2.3.0)

CWE-610

High

WordPress Plugin Nofollow for external link Multiple Unspecified Vulnerabilities (1.1.2)

High

WordPress Plugin Nofollow Links Cross-Site Scripting (1.0.10)

CVE-2016-4833

CWE-79

High

WordPress Plugin Nokia Maps & Places Cross-Site Scripting (1.6.6)

CVE-2014-1750

CWE-79

High

WordPress Plugin Nooz Cross-Site Scripting (1.6.0)

CVE-2023-25794

CWE-79

High

WordPress Plugin No Page Comment Multiple Vulnerabilities (1.1)

CWE-79 CWE-352

High

WordPress Plugin NOSpamPTI SQL Injection (2.1)

CVE-2013-5917

CWE-89

High

WordPress Plugin Note Press SQL Injection (0.1.1)

CWE-89

High

WordPress Plugin Notices Ticker Cross-Site Request Forgery (5.0)

CWE-352

High

WordPress Plugin Notices Ticker Cross-Site Scripting (6.1)

CVE-2021-38328

CWE-79

High

WordPress Plugin Notification-Custom Notifications and Alerts for WordPress Cross-Site Scripting (7.2.4)

CVE-2021-39340

CWE-79

High

WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar Cross-Site Request Forgery (1.8.2)

CWE-352

High

WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar SQL Injection (2.3.8)

CVE-2022-0349

CWE-89

High

WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar SQL Injection (2.3.11)

CWE-89

High

WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar SQL Injection (2.8.2)

CVE-2024-1698

CWE-89

High

WordPress Plugin NS Utilities Unspecified Vulnerability (1.0)

High

WordPress Plugin Numbers generator and validator Multiple Unspecified Vulnerabilities (1.02)

High

WordPress Plugin O2Tweet Cross-Site Request Forgery (0.0.4)

CVE-2014-9338

CWE-352

High

WordPress Plugin OAuth client Single Sign On for WordPress (OAuth 2.0 SSO) Security Bypass (3.0.3)

CVE-2022-3119

CWE-287

High

WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) Cross-Site Scripting (6.20.2)

CWE-79

High

WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) Multiple Cross-Site Request Forgery Vulnerabilities (6.24.1)

CVE-2023-1092 CVE-2023-1093

CWE-352

High

WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) Security Bypass (6.22.5)

CVE-2022-2133

CWE-287

High

WordPress Plugin Occasions Cross-Site Request Forgery (1.0.4)

CWE-352

High

WordPress Plugin Ocean Extra Cross-Site Request Forgery (1.6.5)

CWE-352

High

WordPress Plugin Ocean Extra Cross-Site Scripting (1.9.4)

CVE-2021-25104

CWE-79

High

WordPress Plugin Ocean Extra Cross-Site Scripting (2.1.1)

CVE-2023-23891

CWE-79

High

WordPress Plugin Ocean Extra Multiple Vulnerabilities (2.1.2)

CVE-2023-0749 CVE-2023-24399

CWE-79 CWE-639

High

WordPress Plugin Ocean Extra PHP Object Injection (2.0.4)

CVE-2022-3374

CWE-915

High

WordPress Plugin Ocean Extra Security Bypass (1.5.8)

CVE-2019-16250

CWE-264

High

WordPress Plugin OdiHost Newsletter 'openstat.php' SQL Injection (1.0)

CWE-89

High

WordPress Plugin Official MailerLite Sign Up Forms Cross-Site Request Forgery (1.4.4)

CWE-352

High

WordPress Plugin Official MailerLite Sign Up Forms SQL Injection (1.4.3)

CWE-89

High

WordPress Plugin OG Tags Cross-Site Request Forgery (2.0.1)

CVE-2021-20831

CWE-352

High

WordPress Plugin Oi Yandex.Maps for WordPress Cross-Site Scripting (3.2.7)

CVE-2023-22721

CWE-79

High

WordPress Plugin Oleggo LiveStream Cross-Site Scripting (0.2.6)

CVE-2014-4540

CWE-79

High

Severity

Vulnerability Categories

Still Have Questions?

Take action and discover your vulnerabilities