Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

kstover — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting kstover. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Kstover is primarily associated with security research and vulnerability disclosure, focusing on identifying flaws in enterprise software and web applications. Historically, their reported vulnerabilities span multiple classes including remote code execution, cross-site scripting, and privilege escalation, often affecting widely used systems. Security analysts note kstover's contributions to improving software security through responsible disclosure, though specific major incidents are not prominently documented. Their CVE record demonstrates consistent engagement with identifying and reporting security weaknesses, contributing to broader industry awareness. The nature of their reported vulnerabilities suggests expertise in both application security and system-level exploitation techniques, making their findings relevant to security professionals and software developers alike.

Top products by kstover: Ninja Forms – The Contact Form Builder That Grows With You
CVE IDTitleCVSSSeverityPublished
CVE-2026-1307 Ninja Forms <= 3.14.1 - Authenticated (Contributor+) Sensitive Information Disclosure via Block Editor Token — Ninja Forms – The Contact Form Builder That Grows With YouCWE-200 6.5 Medium2026-03-28
CVE-2026-2268 Ninja Forms <= 3.14.0 - Unauthenticated Information Disclosure in nf_ajax_submit AJAX Action — Ninja Forms – The Contact Form Builder That Grows With YouCWE-200 7.5 High2026-02-10
CVE-2025-11924 Ninja Forms – The Contact Form Builder That Grows With You <= 3.13.2 - Insecure Direct Object Reference to Unauthenticated Sensitive Information Exposure via Unscoped Bearer Token — Ninja Forms – The Contact Form Builder That Grows With YouCWE-639 7.5 High2025-12-17
CVE-2025-10498 Ninja Forms – The Contact Form Builder That Grows With You <= 3.12.0 - Cross-Site Request Forgery to Limited File Deletion — Ninja Forms – The Contact Form Builder That Grows With YouCWE-352 4.3 Medium2025-09-27
CVE-2025-10499 Ninja Forms – The Contact Form Builder That Grows With You <= 3.12.0 - Cross-Site Request Forgery to Plugin Settings Update — Ninja Forms – The Contact Form Builder That Grows With YouCWE-352 4.3 Medium2025-09-27
CVE-2025-5398 Ninja Forms <= 3.10.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via CSTI — Ninja Forms – The Contact Form Builder That Grows With YouCWE-79 6.4 Medium2025-06-27
CVE-2024-13470 Ninja Forms – The Contact Form Builder That Grows With You <= 3.8.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Ninja Forms – The Contact Form Builder That Grows With YouCWE-79 6.4 Medium2025-01-30
CVE-2024-12238 Ninja Forms – The Contact Form Builder That Grows With You <= 3.8.22 - Authenticated (Subscriber+) Arbitrary Shortcode Execution — Ninja Forms – The Contact Form Builder That Grows With YouCWE-94 6.3 Medium2024-12-29
CVE-2024-11052 Ninja Forms – The Contact Form Builder That Grows With You <= 3.8.19 - Unauthenticated Stored Cross-Site Scripting via Form Calculations — Ninja Forms – The Contact Form Builder That Grows With YouCWE-79 7.2 High2024-12-12
CVE-2024-3866 Ninja Forms Contact Form <= 3.8.15 - Reflected Self-Based Cross-Site Scripting via Referer — Ninja Forms – The Contact Form Builder That Grows With YouCWE-79 4.7 Medium2024-09-25
CVE-2024-2108 Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress <= 3.8.0 - Authenticated (Author+) Stored Cross-Site Scripting — Ninja Forms – The Contact Form Builder That Grows With YouCWE-79 4.6 Medium2024-03-29
CVE-2024-2113 Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress <= 3.8.0 - Cross-Site Request Forgery to Publicly Accessible Form Submission Export — Ninja Forms – The Contact Form Builder That Grows With YouCWE-352 4.3 Medium2024-03-29
CVE-2024-0685 Ninja Forms Contact Form <= 3.7.1 - Unauthenticated Second Order SQL Injection — Ninja Forms – The Contact Form Builder That Grows With YouCWE-89 5.9 Medium2024-02-02

This page lists every published CVE security advisory associated with kstover. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.