
Ninja Forms WordPress Plugin Bug Opens Websites to Hacks
2021-02-17 19:57

Ninja Forms, a WordPress plugin used by more than 1 million sites, contains four critical security vulnerabilities that together make it possible for a remote attacker to take over a WordPress site and create various kinds of problems.

Ninja Forms offers WordPress site designers the ability to create forms using a drag-and-drop capability, with no coding skills required.

Attackers with subscriber-level or higher access to a vulnerable WordPress site could establish a SendWP connection using their own SendWP account, so that all mail sent by the WordPress site would be routed through, and logged in, the attackers' SendWP account.

According to Wordfence, attackers could also establish an OAuth connection between a vulnerable WordPress site and their own account, which would let them install any purchased add-on plugins they choose on the target site.

"The plugin registers an AJAX action, wp_ajax_nf_oauth_connect, that is registered to the function connect() which is used to redirect a site owner back to the WordPress site's Ninja Forms service page after the user has finished the OAuth connection process," according to the analysis.
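The report above describes a privileged AJAX handler (linking the site to an external service and redirecting the user afterwards) that low-privileged, subscriber-level users were able to reach. The following is an added illustration written for this summary, not Ninja Forms' own code: a WordPress AJAX action of the same shape, with the authorization, nonce and redirect checks a defender would expect on a handler that changes site-wide configuration. The action name example_oauth_connect, the option name and the admin page slug are hypothetical.

```php
<?php
// Added example (not the plugin's code): a privileged admin-ajax action that
// links the site to an external service, guarded the way WordPress expects.

// Register the handler for logged-in users only (no "wp_ajax_nopriv_" hook),
// so anonymous visitors cannot reach it at all.
add_action( 'wp_ajax_example_oauth_connect', 'example_oauth_connect' );

function example_oauth_connect() {
    // Authorization: being logged in is not enough. Only users who may manage
    // site options should be able to connect the site to an external account.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient privileges.' ), 403 );
    }

    // CSRF protection: the request must carry the nonce issued on the admin
    // page. check_ajax_referer() terminates the request when it is invalid.
    check_ajax_referer( 'example_oauth_connect', 'nonce' );

    // Input handling: take only the fields the flow needs and sanitize them.
    $client_id = isset( $_REQUEST['client_id'] )
        ? sanitize_text_field( wp_unslash( $_REQUEST['client_id'] ) )
        : '';
    if ( '' === $client_id ) {
        wp_send_json_error( array( 'message' => 'Missing client_id.' ), 400 );
    }

    // Persist the connection (hypothetical option name).
    update_option( 'example_service_client_id', $client_id );

    // Redirect handling: fall back to the plugin's own admin page (hypothetical
    // slug) and refuse off-site targets instead of trusting a raw parameter.
    $fallback = admin_url( 'admin.php?page=example-plugin-services' );
    $target   = isset( $_REQUEST['redirect'] )
        ? esc_url_raw( wp_unslash( $_REQUEST['redirect'] ) )
        : $fallback;
    $target   = wp_validate_redirect( $target, $fallback );

    wp_safe_redirect( $target );
    exit;
}

// Builds the link the admin page renders for the "Connect" button, so that a
// legitimate request carries the nonce the handler above verifies.
function example_oauth_connect_url( $client_id ) {
    $url = add_query_arg(
        array(
            'action'    => 'example_oauth_connect',
            'client_id' => $client_id,
        ),
        admin_url( 'admin-ajax.php' )
    );
    return wp_nonce_url( $url, 'example_oauth_connect', 'nonce' );
}
```

The order of the checks matters in practice: the capability check runs first, so a subscriber never gets as far as the nonce or the state change, and a failed check returns a 403 that a web application firewall or access-log review can pick out when the same low-privilege account repeatedly hits a privileged action.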

Developers of a plugin called Popup Builder - Responsive WordPress Pop up - Subscription & Newsletter, used by WordPress websites for building pop-up ads for newsletter subscriptions, issued a patch for a serious flaw.


News URL

https://threatpost.com/ninja-forms-wordpress-plugin-hacks/164042/

Related vendor

VENDOR      LAST 12M #/PRODUCTS   LOW   MEDIUM   HIGH   CRITICAL   TOTAL VULNS
Wordpress   7                     2     95       44     18         159
Plugin      2                     0     13       1      0          14