If you are using the Ninja Forms plugin, the latest update deployed by WordPress is important to you.
The CMS has forced the update of more than a million sites that use a plugin victim of a critical security flaw. And it has already been actively exploited…
Vulnerable Ninja Forms WordPress Plugin
The plugin in question is Ninja Forms, which allows you to create custom contact forms. The vulnerability gets a CVSS score of 9.8/10. Exploited, it allows hackers to execute arbitrary code or delete files on certain sites.
According to Wordfence, WordPress’ cybersecurity team, the security flaw makes it possible for unauthenticated attackers to inject malicious code through Ninja Forms. This can thus lead to a complete takeover of the vulnerable site.
The owners of a site under WordPress do not in principle have to perform any manipulation to protect themselves from this security flaw. The update has been rolled out automatically, and you can now continue using Ninja Forms.
See the offer
8
- Quick learning
- Thousands of themes
- Almost 60,000 extensions
WordPress is the undisputed star of the web. Its ergonomics, the richness of its templates (reactive, free or paid), the myriad of extensions, its referencing capacities are attractive. The other side of the coin, it concentrates most of the cyberattacks and quickly becomes slow. WordPress site owners have a tendency to accumulate useless plugins, often without updating them. Depending on the needs of the company or the individual, it is therefore necessary to check the relevance of this CMS.
WordPress is the undisputed star of the web. Its ergonomics, the richness of its templates (reactive, free or paid), the myriad of extensions, its referencing capacities are attractive. The other side of the coin, it concentrates most of the cyberattacks and quickly becomes slow. WordPress site owners have a tendency to accumulate useless plugins, often without updating them. Depending on the needs of the company or the individual, it is therefore necessary to check the relevance of this CMS.
Do you want to create a website, personally or professionally? The content manager (or CMS) has become essential. There are hundreds of CMS on the market: free, open source, paid, hosted… A real headache to distinguish them. Here is our selection of the best CMS to create your site easily!
Read more
Source : The Hacker News
0