Plugin icon

File Uploads

ninja-forms-uploads

Vulnerabilities:

5

Last Updated:

April 8, 2026

Active Installs:

n/a

Published
Title
Fixed in
CVSS
Published
2026-04-06
Title
Ninja Forms - File Upload < 3.3.27 - Unauthenticated Arbitrary File Upload
Fixed in
Fixed in 3.3.27
CVSS
9.8 (critical)
Published
2024-09-06
Title
Ninja Forms File Uploads < 3.3.18 - Unauthenticated Stored Cross-Site Scripting via File Upload
Fixed in
Fixed in 3.3.18
CVSS
7.2 (high)
Published
2022-03-08
Title
Ninja Forms File Uploads Extension < 3.3.1 - Unauthenticated Arbitrary File Upload
Fixed in
Fixed in 3.3.1
CVSS
9.8 (critical)
Published
2022-03-08
Title
Ninja Forms File Uploads Extension < 3.3.13 - Unauthenticated Stored Cross-Site Scripting
Fixed in
Fixed in 3.3.13
CVSS
7.2 (high)
Published
2019-04-11
Title
Ninja Forms File Uploads Extension <= 3.0.22 - Unauthenticated Arbitrary File Upload
Fixed in
Fixed in 3.0.23
CVSS
8.1 (high)