CVE-2026-13369 | SaturdayDrive Ninja Forms Plugin up to 3.3.29 on WordPress Path Normalization attach_files file_path path traversal (EUVD-2026-41275)

SecurityVulns

A vulnerability classified as critical was found in SaturdayDrive Ninja Forms Plugin up to 3.3.29 on WordPress. Affected by this issue is the function attach_files of the component Path Normalization Handler. The manipulation of the argument file_path results in path traversal.

This vulnerability is identified as CVE-2026-13369. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More