Bleeping Computer

WordPress Ninja Forms plugin flaw lets hackers steal submitted data

Popular WordPress form-building plugin Ninja Forms contains three vulnerabilities that could allow attackers to achieve privilege escalation and steal user data. Researchers at Patchstack discovered ...
Bleeping Computer

Hackers exploit critical flaw in Ninja Forms WordPress plugin

A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files without authentication, which can lead to remote code execution. Identified as ...
Searchenginejournal.com

WordPress Ninja Forms Vulnerability Exposes Over a Million Sites

Today it was disclosed that the popular WordPress contact form called Ninja Forms patched two vulnerabilities, affecting over 1 million WordPress installations. This represents another in a growing ...
ZDNet

Ninja Forms WordPress bug exposed over a million users to XSS attacks, website hijacking

The Ninja Forms WordPress plugin harbored a severe security flaw that could be used for website takeover through the creation of new administrator accounts. Ninja Forms is a drag-and-drop contact form ...
Dark Reading

WordPress Plug-in Ninja Forms Issues Update for Critical Bug

A new security update to the Ninja Forms WordPress plug-in — which has more than 1 million active installations — patches a code injection vulnerability researchers say is being actively exploited in ...
Searchenginejournal.com

WordPress: Bugs Detected in Ninja Forms Plugin, 1M Sites Affected

Exploits detected in the Ninja Forms plugin for WordPress, installed on over a million sites, can lead to a complete site takeover if not patched. Wordfence detected a total of four vulnerabilities in ...