
Flaws in Ninja Forms, LearnPress Plugins Exposed WordPress Sites to Attacks
2020-05-04 11:07

High-severity vulnerabilities patched in the Ninja Forms and LearnPress WordPress plugins could be exploited to take over vulnerable sites, WordPress security company Defiant reports.

The developers of the highly popular Ninja Forms plugin last week addressed Cross-Site Request Forgery and Stored Cross-Site Scripting vulnerabilities that attackers could chain to trick an admin into importing a contact form containing malicious JavaScript code, which would then be executed when certain pages are visited.

With more than 1 million installations, the Ninja Forms plugin allows site admins to create user-friendly WordPress forms even without coding skills.

The issue was related to a feature that allowed Ninja Forms users to revert the plugin's styling and features to those of version 2.9.x. Two of the functions added as part of this feature failed to check nonces, and one of them allowed importing forms containing custom HTML. An attacker able to trick an administrator into clicking a crafted link could spoof requests using the admin's session and import a form containing malicious code.
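To make the missing check concrete, here is an added illustration of the pattern the article describes, written for this page and not taken from Ninja Forms' code base: a hypothetical WordPress admin-post handler that imports form HTML, shown first without a nonce check (so any request carrying the admin's session cookie is accepted, which is what makes the CSRF possible) and then with the nonce, capability and HTML-sanitisation checks WordPress provides. The hook names (`example_import_form`, `example_import_form_vuln`), the option key and the admin page slug are assumptions for the example.

```php
<?php
// Added example (not Ninja Forms code). Hook names, option key and page slug
// are hypothetical. Shows a CSRF-able admin handler beside a hardened one.

// VULNERABLE pattern (for comparison only, never ship this):
// no nonce and no capability check, so a request triggered by a crafted link
// the admin clicks is indistinguishable from one the admin submitted on purpose,
// and the submitted HTML is stored verbatim, which is how stored XSS gets in.
add_action( 'admin_post_example_import_form_vuln', function () {
    $html = isset( $_POST['form_html'] ) ? wp_unslash( $_POST['form_html'] ) : '';
    update_option( 'example_imported_form', $html );
    wp_safe_redirect( admin_url( 'admin.php?page=example-forms' ) );
    exit;
} );

// HARDENED pattern: nonce + capability + sanitisation before persisting.
add_action( 'admin_post_example_import_form', function () {
    // 1. CSRF defence: the request must carry a nonce minted for this action
    //    and this user's session; a forged cross-site request cannot supply it.
    //    check_admin_referer() calls wp_die() on failure.
    check_admin_referer( 'example_import_form' );

    // 2. Authorisation: a valid session is not enough, the user must be allowed
    //    to manage the site.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }

    // 3. Stored XSS defence: wp_kses_post() keeps ordinary post markup but
    //    strips <script>, on* event handlers and javascript: URLs before storage.
    $html = isset( $_POST['form_html'] )
        ? wp_kses_post( wp_unslash( $_POST['form_html'] ) )
        : '';
    update_option( 'example_imported_form', $html );

    wp_safe_redirect( admin_url( 'admin.php?page=example-forms' ) );
    exit;
} );

// The admin page that offers the import mints the nonce the handler verifies.
// wp_nonce_field() writes the hidden _wpnonce input that check_admin_referer()
// reads by default.
function example_render_import_page() {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="example_import_form">
        <?php wp_nonce_field( 'example_import_form' ); ?>
        <textarea name="form_html" rows="10" cols="80"></textarea>
        <?php submit_button( 'Import form' ); ?>
    </form>
    <?php
}
```

The nonce alone closes the CSRF vector; the `wp_kses_post()` call is what prevents an imported form from carrying script into pages that later render it, so both checks are needed to break the chain the article describes.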

Disclosed on April 27, the vulnerability was addressed the very next day with the release of Ninja Forms 3.4.24.2.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/hogkvrAO1kQ/flaws-ninja-forms-learnpress-plugins-exposed-wordpress-sites-attacks

Related vendor

Vendor      Last 12M #/products   Low   Medium   High   Critical   Total vulns
Wordpress   7                     2     95       44     18         159