Unrated severityNVD Advisory· Published Jan 2, 2026· Updated Jan 2, 2026
Ninja Forms < 3.13.3 - Unauthenticated Token Generation and Submission Disclosure
CVE-2025-14072
Description
The Ninja Forms WordPress plugin before 3.13.3 allows unauthenticated attackers to generate valid access tokens via the REST API which can then be used to read form submissions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/4b19a333-eb19-4903-aa96-1fe871dd0f9f/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.