WordPress Ninja Forms at risk exposes over a million sites

Sep 29, 2021

WordPress Ninja Forms at risk exposes over a million sites

WordPress ninja forms could expose your site to numerous vulnerabilities. It has affected over one million WordPress installations.

There seems to be nothing wrong with the WordPress REST API itself. The problems reside in how WordPress plugins have designed their interactions with the REST API.

The vulnerabilities originated from the single REST API validation issue related to Permissions Callbacks. The permissions callback is a part of the authentication process that restricts access to REST API Endpoints to authorized users.

The vulnerabilities include:

Sensitive Information Disclosure
Unprotected REST-API to Email Injection

Users of the WordPress Ninja Forms plugin should update their plugin immediately.

Read more at www.searchenginejournal.com

WordPress Ninja Forms at risk exposes over a million sites

TikTok to Share Guides and Insights for Marketers via its Mini Site - 'TikTok World Hub'

LinkedIn Now Has 930 Million Members On Its Platform

Tucker Carlson to Broadcast his New Show On Twitter, And Not On Fox News

Twitter All Set to Acquire Job Matching Start-Up Laskie

Recommended For You