CVE-2026-1307 | kstover Ninja Forms Plugin up to 3.14.1 on WordPress blocks/bootstrap.php admin_enqueue_scripts information disclosure

Inserito da Angelo Barbosa | Mar 28, 2026 | CVE

A vulnerability labeled as problematic has been found in kstover Ninja Forms Plugin up to 3.14.1 on WordPress. This affects the function admin_enqueue_scripts of the file blocks/bootstrap.php. Executing a manipulation can lead to information disclosure.

This vulnerability is registered as CVE-2026-1307. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-1307 | kstover Ninja Forms Plugin up to 3.14.1 on WordPress blocks/bootstrap.php admin_enqueue_scripts information disclosure

Post correlati

CVE-2023-52615 | Linux Kernel up to 6.7.2 hwrng copy_to_user stack-based overflow

CVE-2025-49002 | DataEase up to 2.10.9 Incomplete Fix CVE-2025-32966 authentication spoofing

CVE-2024-37273 | Jan 0.4.12 File /v1/app/appendFileSync unrestricted upload

CVE-2025-24510 | Siemens MS-TP Point Pickup Module BACnet MSTP Message denial of service (ssa-668154)