If you are using the Ninja Forms plugin, the latest update rolled out by WordPress is important for you.

The CMS has forced the update of more than a million sites that use a plugin victim of a critical security flaw. And it has already been actively exploited…

Vulnerable Ninja Forms WordPress Plugin

The plugin in question is Ninja Forms, which allows you to create custom contact forms. The vulnerability gets a CVSS score of 9.8/10. Exploited, it allows hackers to execute arbitrary code or delete files on certain sites.

According to Wordfence, WordPress’ cybersecurity team, the security flaw makes it possible for unauthenticated attackers to inject malicious code through Ninja Forms. This can thus lead to the complete takeover of the vulnerable site.

The owners of a site under WordPress do not in principle have to perform any manipulation to protect themselves from this security flaw. The update has been rolled out automatically, and you can now continue using Ninja Forms.

Avatar photo
By MondialPress

Following the global success of WordPress, we decided to launch MondialPress with the aim of optimizing the SEO of websites. The MondialPress team brings together specialists in the development of SEO performance strategies. We offer you the tools so that your website becomes the workhorse of your commercial approach.