Ninja Forms WordPress Plugin Bug Opens Websites to Hacks

2021-02-17 19:57

Ninja Forms, a WordPress plugin used by more than 1 million sites, contains four critical security vulnerabilities that together make it possible for a remote attacker to take over a WordPress site and create various kinds of problems.

Ninja Forms offers WordPress site designers the ability to create forms using a drag-and-drop capability, with no coding skills required.

Attackers with subscriber or above access to a vulnerable WordPress site could establish a SendWP connection with their own SendWP account, so that all mail from the WordPress site would be routed through and logged in the attackers SendWP account.

According to Wordfence, attackers could establish an OAuth connection for a vulnerable WordPress site with their own account, and be able to install any purchased Add-On plugins on the target site that they choose.

"The plugin registers an AJAX action, wp ajax nf oauth connect, that is registered to the function connect() which is used to redirect a site owner back to the WordPress site's Ninja Forms service page after the user has finished the OAuth connection process," according to the analysis.

Developers of a plugin called Popup Builder - Responsive WordPress Pop up - Subscription & Newsletter, used by WordPress websites for building pop-up ads for newsletter subscriptions, issued a patch for a serious flaw.

News URL

https://threatpost.com/ninja-forms-wordpress-plugin-hacks/164042/

#hack #wordpress

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Wordpress		49	36	409	104	29	578
Plugin		2	0	13	0	0	13