Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Ninja Team — Vulnerabilities & Security Advisories 16

Browse all 16 CVE security advisories affecting Ninja Team. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Ninja Team primarily develops penetration testing tools and security research, focusing on identifying vulnerabilities in web applications and enterprise systems. Historically, they have commonly reported Remote Code Execution (RCE), Cross-Site Scripting (XSS), and privilege escalation flaws, often in popular software and frameworks. The group is known for releasing proof-of-concept exploits shortly after disclosure, sometimes before patches are available. Their activities have led to significant security incidents, including the exploitation of zero-day vulnerabilities in widely used systems. With 16 CVEs attributed to them, Ninja Team remains a notable contributor to the security research landscape, though their methods sometimes draw criticism for accelerating potential attacks.

Top products by Ninja Team: Filebird GDPR CCPA Compliance Support Click to Chat – WP Support All-in-One Floating Widget FileBird – WordPress Media Library Folders & File Manager FastDup – Fastest WordPress Migration & Duplicator FileBird Document Library Ninja Beaver Add-ons for Beaver Builder Multi Step for Contact Form Notibar File Manager Pro
CVE IDTitleCVSSSeverityPublished
CVE-2025-68073 WordPress GDPR CCPA Compliance Support plugin <= 2.7.4 - Broken Access Control vulnerability — GDPR CCPA Compliance SupportCWE-862 6.5 Medium2026-01-22
CVE-2025-52710 WordPress File Manager Pro plugin <= 1.8.8 - Cross Site Scripting (XSS) Vulnerability — File Manager ProCWE-79 5.9 Medium2025-06-20
CVE-2025-48260 WordPress GDPR CCPA Compliance Support plugin <= 2.7.3 - Broken Access Control Vulnerability — GDPR CCPA Compliance SupportCWE-862 4.3 Medium2025-05-19
CVE-2025-31092 WordPress Click to Chat – WP Support All-in-One Floating Widget plugin <= 2.3.4 - Cross Site Scripting (XSS) vulnerability — Click to Chat – WP Support All-in-One Floating WidgetCWE-79 6.5 Medium2025-03-27
CVE-2025-26977 WordPress FileBird plugin <= 6.4.2.1 - Insecure Direct Object References (IDOR) vulnerability — FilebirdCWE-639 3.8 Low2025-02-25
CVE-2025-24591 WordPress GDPR CCPA Compliance & Cookie Consent Banner plugin <= 2.7.1 - Broken Access Control vulnerability — GDPR CCPA Compliance SupportCWE-862 4.3 Medium2025-01-24
CVE-2024-54269 WordPress Notibar plugin <= 2.1.4 - Broken Access Control vulnerability — NotibarCWE-862 4.3 Medium2024-12-11
CVE-2023-25966 WordPress FileBird plugin <= 5.1.4 - Broken Access Control vulnerability — FilebirdCWE-862 5.5 Medium2024-12-09
CVE-2024-53825 WordPress FileBird Lite plugin <= 6.3.2 - Broken Access Control vulnerability — FilebirdCWE-862 4.7 Medium2024-12-06
CVE-2024-49281 WordPress Click to Chat – WP Support All-in-One Floating Widget plugin <= 2.3.3 - Cross Site Scripting (XSS) vulnerability — Click to Chat – WP Support All-in-One Floating WidgetCWE-78 6.5 Medium2024-10-17
CVE-2024-47331 WordPress Multi Step for Contact Form plugin <= 2.7.7 - Unauthenticated SQL Injection vulnerability — Multi Step for Contact FormCWE-89 9.3 Critical2024-10-11
CVE-2024-37244 WordPress Ninja Beaver Add-ons for Beaver Builder plugin <= 2.4.5 - Cross Site Scripting (XSS) vulnerability — Ninja Beaver Add-ons for Beaver BuilderCWE-79 6.5 Medium2024-07-22
CVE-2024-37504 WordPress FileBird Document Library plugin <= 2.0.6 - Sensitive Data Exposure vulnerability — FileBird Document LibraryCWE-200 5.3 Medium2024-07-10
CVE-2024-35166 WordPress FileBird – WordPress Media Library Folders & File Manager plugin <= 5.6.3 - Sensitive Data Exposure vulnerability — FilebirdCWE-200 5.3 Medium2024-05-13
CVE-2023-51406 WordPress FastDup Plugin <= 2.1.7 is vulnerable to Sensitive Data Exposure — FastDup – Fastest WordPress Migration & DuplicatorCWE-200 5.3 Medium2024-01-08
CVE-2021-24385 Filebird 4.7.3 - Unauthenticated SQL Injection — FileBird – WordPress Media Library Folders & File ManagerCWE-89 9.8 -2021-07-12

This page lists every published CVE security advisory associated with Ninja Team. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.