Is "Ninja Forms" safe?
WordPress Plugin security and safety information.
Rating: Good (current version safe)
Recommendations
Ninja Forms: Plugin Details
| Type: | Plugin |
| Author: | The WP Ninjas |
| URL: | https://wordpress.org/plugins/ninja-forms/ |
| Latest Version: | 3.4.28 |
Ninja Forms: Security Information
| Insecure versions: | Up To 3.4.27.1 |
| Known since: | 2021-01-08 13:11:59 |
| Insecure versions: | Up To 3.4.27 |
| Known since: | 2021-01-08 13:11:32 |
| Insecure versions: | Up To 3.4.27 |
| Known since: | 2020-10-09 13:25:38 |
| Description: | The plugin is affected by a Cross-Site Request Forgery (CSRF) which could allow attackers to make a logged administrator install an arbitrary plugin from the WordPress repository. |
| Insecure versions: | Up To 2.8.9 |
| Known since: | 2020-05-01 00:28:33 |
| Description: | Ninja Forms - Unspecified Issue Affecting Admin Users |
| Insecure versions: | Up To 2.8.8 |
| Known since: | 2020-05-01 00:25:47 |
| Description: | Ninja Forms - Stored & Reflected XSS |
| Insecure versions: | Up To 2.8.6 |
| Known since: | 2020-05-01 00:22:34 |
| Description: | Ninja Forms - Reflected Cross-Site Scripting (XSS) |
| Insecure versions: | Up To 2.9.21 |
| Known since: | 2020-05-01 00:17:44 |
| Description: | Ninja Forms - Authenticated Reflected Cross-Site Scripting (XSS) |
| Insecure versions: | Up To 3.3.17 |
| Known since: | 2020-04-30 23:58:21 |
| Description: | Details: Ninja Forms - Unauthenticated Cross-Site Scripting (XSS) |
| Insecure versions: | Up To 3.3.21 |
| Known since: | 2020-04-30 23:56:33 |
| Description: | Ninja Forms - XSS and SQLi |
| Insecure versions: | Up To 3.3.19 |
| Known since: | 2020-04-30 23:54:58 |
| Description: | Authenticated Open Redirect |
| Insecure versions: | Up To 3.4.24.1 |
| Known since: | 2020-04-30 23:47:49 |
| Description: | CSRF to XSS |
| Insecure versions: | Up To 3.3.21.1 |
| Known since: | 2020-02-20 16:42:41 |
| Insecure versions: | Up To 3.3.8 |
| Known since: | 2020-02-20 16:36:27 |
| Insecure versions: | Up To 3.1.9 |
| Known since: | 2020-02-20 16:34:51 |
| Insecure versions: | Up To 3.0 |
| Known since: | 2020-02-20 16:34:11 |
| Insecure versions: | Up To 3.4.2.11 |
| Known since: | 2020-02-20 16:33:32 |
| Insecure versions: | Up To 3.3.21 |
| Known since: | 2019-06-21 17:50:46 |
| Insecure versions: | Up To 3.3.19 |
| Known since: | 2018-12-05 17:37:12 |
| Insecure versions: | Up To 3.3.17 |
| Known since: | 2018-11-16 17:41:40 |
| Insecure versions: | Up To 3.3.13 |
| Known since: | 2018-09-03 16:10:51 |
| Insecure versions: | Up To 3.3.13 |
| Known since: | 2018-09-03 16:10:37 |
| Insecure versions: | Up To 3.2.13 |
| Known since: | 2018-02-23 02:02:16 |
| Insecure versions: | Up To 2.9.55.1 |
| Known since: | 2016-08-17 14:27:20 |
| Insecure versions: | Up To 2.9.51 |
| Known since: | 2016-07-21 02:01:33 |
| Description: | https://sumofpwn.nl/advisory/2016/multiple_cross_site_scripting_vulnerabilities_in_ninja_forms_wordpress_plugin.html |
| Insecure versions: | Up To 2.9.42 |
| Known since: | 2016-05-05 13:35:29 |
| Insecure versions: | Up To 2.9.27 |
| Known since: | 2015-11-11 19:23:24 |
| Insecure versions: | Up To 2.9.18 |
| Known since: | 2015-09-13 21:26:50 |
| Insecure versions: | Up To 2.9.18 |
| Known since: | 2015-09-13 21:26:50 |
Ninja Forms: Safety Recommendations
We have rated Ninja Forms as Good (current version safe) which means that we have found vulnerabilities in older versions.
We recommend that you only use the latest version of Ninja Forms.
Ninja Forms: Staying Up-to-date
Make sure your installation of Ninja Forms is safe with the following free Jetpack services for WordPress sites:
- Updates & Management
Turn on auto-updates for Ninja Forms or manage in bulk. - Prevent Infiltrations
Automatic protection against brute force attacks and secure sign on.
Ninja Forms: Keeping Safe
If you're running a business, ecommerce, news, or other critical website, Jetpack also provides additional indispensable services:
- Automated Backups
Full backup of your entire site with unlimited storage space. - Restores & Migrations
Restore or migrate your site from a backup with one click. - Security Scanning
Regular, automated scans of your site for malware, threats, and hacks. - Expert Support
Fast, priority support for any WordPress security issue.
About this information
This WordPress security information is part of our security library and is brought to you by Jetpack as part of our committment to a safer WordPress experience.
If you have any questions, please do not hesitate to contact us.
