Exploited Vulnerability Patched in WordPress Plugin With Over 1 Million Installations

More than one million WordPress websites were potentially impacted by a critical Ninja Forms plugin vulnerability that appears to have been exploited in the wild.

With over one million installations, the popular Ninja Forms plugin helps administrators add customizable forms to their WordPress sites.

The exploited security issue, which was identified in the Merge Tag functionality of the plugin, does not have a CVE identifier yet, but it has a CVSS score of 9.8.

“One feature of Ninja Forms is the ability to add ‘Merge Tags’ to forms that will auto-populate values from other areas of…


More Info

About mblog.my

Check Also

New Prototype Runs WordPress in the Browser with No PHP Server – WP Tavern

Automattic-sponsored core contributor Adam Zielinski published a demo today of WordPress running in the browser …

Leave a Reply

Your email address will not be published. Required fields are marked *