Saturdaydrive Ninja Forms - File Uploads

4 CVEs affecting Saturdaydrive Ninja Forms - File Uploads. Latest disclosed: 2026-04-07. Critical: 2, High: 2.

Top CVEs affecting Saturdaydrive Ninja Forms - File Uploads
CVESeverityScorePublishedSummary
CVE-2026-0740Critical9.82026-04-07The Ninja Forms - File Uploads plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'NF_FU_AJAX_Controllers_…
CVE-2022-0888Critical9.82022-03-23The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~…
CVE-2024-1596High7.22024-09-07The Ninja Forms - File Uploads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an uploaded file (e.g. RTX file) in all versions up to, an…
CVE-2022-0889High7.22022-03-23The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to reflected cross-site scripting due to missing sanitization of the files filename par…