SecurityWeek

Hackers Targeting Critical Ninja Forms Bug That Exposes WordPress Sites to Takeover

The vulnerability allows hackers to upload arbitrary files to a site’s server and achieve remote code execution.

Hackers exploit critical flaw in Ninja Forms WordPress plugin

A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files without authentication, which can lead to remote code execution.