Several WordPress sites vulnerable to a major security flaw 

Published June 18, 2022
Author: Ash Khan

Ninja Forms has patched a serious flaw that could allow a full site takeover.

With over a million installs, Ninja Forms is a massively popular form-builder plugin for WordPress. It was found to be vulnerable to a high-severity bug that could allow threat actors to take over a website completely.

Ninja Forms recently issued a patch that, when reverse-engineered, revealed a code injection vulnerability. The flaw affected every version of the plugin from 3.0 onward, up to the patched releases.

According to Wordfence Threat Intelligence, attackers who achieve remote code execution through the deserialization flaw can take over a vulnerable site entirely. That is especially bad news for less well-protected sites.

Reports of misuse

Wordfence's Threat Intelligence lead discovered a code injection vulnerability that allowed unauthenticated attackers to call a limited number of methods in multiple Ninja Forms classes, including one that unserialized user-supplied content, resulting in PHP Object Injection.

On sites where a suitable POP (property-oriented programming) chain is also present, an attacker can use this to execute arbitrary code or delete arbitrary files.
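To make the mechanism concrete, here is an added illustration in PHP. It is not Ninja Forms code and does not reproduce the plugin's actual call path; the gadget class HypotheticalTempFile, the payload string and the temporary file are all constructed for the example. It shows why passing user-supplied data to unserialize() is a takeover primitive once any loaded class has a dangerous magic method, and how the hardened variants shut that down.

```php
<?php
// Added example (not Ninja Forms code): PHP Object Injection via unserialize()
// on user-supplied input, beside two hardened alternatives.
// HypotheticalTempFile, the payload and the file paths are constructed here.

// A "gadget": any class the site already loads (core, theme, another plugin)
// whose magic method does something dangerous with attacker-controlled
// properties. This hypothetical one deletes a file when it is destroyed.
class HypotheticalTempFile
{
    public $path;

    public function __destruct()
    {
        if (is_file($this->path)) {
            unlink($this->path); // $path comes straight from the payload
        }
    }
}

// Vulnerable pattern: deserializing a value the HTTP request controls.
function vulnerable_restore(string $userSupplied)
{
    return unserialize($userSupplied);
}

// Hardened: refuse objects. PHP 7+ turns any object in the payload into
// __PHP_Incomplete_Class, so no gadget's magic methods can ever run.
function hardened_restore(string $userSupplied)
{
    return unserialize($userSupplied, ['allowed_classes' => false]);
}

// Better still: use a data-only format for untrusted input.
function json_restore(string $userSupplied)
{
    return json_decode($userSupplied, true, 512, JSON_THROW_ON_ERROR);
}

// --- Demonstration ----------------------------------------------------------
$victim = tempnam(sys_get_temp_dir(), 'wp-'); // stands in for wp-config.php
file_put_contents($victim, "important");

// Constructed object-injection payload naming the gadget and its property.
$payload = sprintf(
    'O:20:"HypotheticalTempFile":1:{s:4:"path";s:%d:"%s";}',
    strlen($victim),
    $victim
);

$obj = hardened_restore($payload);
echo "hardened  -> ", get_class($obj), PHP_EOL; // __PHP_Incomplete_Class
unset($obj);                                     // no destructor to fire
echo "hardened  -> ", (file_exists($victim) ? "file intact" : "file deleted"), PHP_EOL;

try {
    json_restore($payload);
} catch (JsonException $e) {
    echo "json      -> rejected: ", $e->getMessage(), PHP_EOL;
}

$obj = vulnerable_restore($payload); // instantiates the gadget
unset($obj);                         // __destruct runs with attacker's $path
echo "vulnerable-> ", (file_exists($victim) ? "file intact" : "file deleted"), PHP_EOL;
```

The "delete arbitrary files" outcome in the report is exactly the last line: the plugin never calls anything dangerous itself; it only hands attacker bytes to unserialize(), and a destructor somewhere else on the site does the rest. Code execution works the same way with a gadget whose magic method ends in eval(), include or a callable property.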

To make matters worse, Wordfence discovered that the issue was being used in the wild.

According to the technology news website Bleeping Computer, the patch was force-pushed as an automatic update to the bulk of the affected sites. Going by the patch's download statistics, over 730,000 websites have already been fixed. Although those numbers are encouraging, hundreds of thousands of websites remain vulnerable to being hacked and taken over.

Users running Ninja Forms who have not yet received the update should upgrade manually as soon as possible. This can be done from the WordPress dashboard, and administrators should confirm that the plugin has been upgraded to version 3.6.11.

This is not the first time a critical issue has been found in Ninja Forms. In 2020, all versions of the plugin up to 3.4.24.2 were discovered to be vulnerable to Cross-Site Request Forgery (CSRF), which could be used to mount Stored Cross-Site Scripting (Stored XSS) attacks on users' WordPress sites and thereby take control of them.