Over a Million WordPress Sites Forcibly Updated to Patch a Critical Plugin Vulnerability

WordPress websites using a widely used plugin named Ninja Forms have been updated automatically to remediate a critical security vulnerability that’s suspected of having been actively exploited in the wild.

The issue, which relates to a case of code injection, is rated 9.8 out of 10 for severity and affects multiple versions starting from 3.0. It has been fixed in 3.0.34.2, 3.1.10, 3.2.28, 3.3.21.4, 3.4.34.2, 3.5.8.4, and 3.6.11.

CyberSecurity

Ninja Forms is a customizable contact form builder that has over 1 million installations.

According to Wordfence, the bug “made it possible for unauthenticated…


More Info

About mblog.my

Check Also

Morphii Pro and Pro+ for WordPress Plugin Upgrades Now Available

Morphii Pro and Pro+ Plugin “Moprhii makes the feedback experience a little more fun and …

Leave a Reply

Your email address will not be published. Required fields are marked *