Unrated severityNVD Advisory· Published Jun 16, 2022· Updated Apr 28, 2026
WordPress Ninja Forms Contact Form plugin <= 3.6.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
CVE-2021-36827
Description
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label".
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: n/a
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.