CVE-2024-26019

Name of the Vulnerable Software and Affected Versions Ninja Forms versions prior to 3.8.1

Description The issue is related to a cross-site scripting vulnerability in submit processing. If exploited, an arbitrary script may be executed on the web browser of the user accessing the website using the product.

Recommendations For versions prior to 3.8.1, update to version 3.8.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the submit processing functionality until a patch is applied.