Ninja Forms
cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:wordpress:*:*
- <= 3.13.2
The Ninja Forms WordPress plugin, in versions 3.13.2 and earlier, is vulnerable to Insecure Direct Object Reference (IDOR). The plugin fails to properly authenticate users before its 'ninja-forms-views' REST endpoints disclose form metadata and submission details. An unauthenticated attacker who can reach a page containing the Submissions Table block can obtain a leaked bearer token and use it to read arbitrary form definitions and submission records. A patch shipped in version 3.13.1, but it inadvertently introduced a new REST API endpoint that generated valid bearer tokens for any form ID, which made that fix ineffective.
Exploitation of this vulnerability could lead to unauthorized access to sensitive form data and submission records.
Users are advised to update the Ninja Forms WordPress plugin to version 3.13.3 or a later patched version.