Vulnerabilities In Two WordPress Contact Form Plugins Affect +1.1 Million – Search Engine Journal

Advisories have been issued regarding vulnerabilities discovered in two of the most popular WordPress contact form plugins, potentially affecting over 1.1 million installations. Users are advised to update their plugins to the latest versions.

+1 Million WordPress Contact Forms Installations

The affected contact form plugins are Ninja Forms, (with over 800,000 installations) and Contact Form Plugin by Fluent Forms (+300,000 installations). The vulnerabilities are not related to each other and arise from separate security flaws.

Ninja Forms is affected by a failure to escape a URL which can lead to a reflected cross-site scripting attack (reflected XSS) and the Fluent Forms vulnerability is due to an insufficient capability check.

Ninja Forms Reflected Cross-Site Scripting

A a Reflected Cross-Site Scripting vulnerability, which the Ninja Forms plugin is at risk for, can allow an attacker to target an admin level user at a website in order to gain their associated website privileges….

Read Full Story: https://news.google.com/rss/articles/CBMiigFBVV95cUxOX0FjaktiUzlPeTVVeVIyRVFFdzJiYlRTXzE0U0ZfX1VEZEgySFRJYk5rV29yRHVsLWZTRm13WE91bW15TS14SUZLQXRXRGlsUDZ4ZklocEFMQWp2TXkyTGtGbFU1M3lXaGl2VnhFanJ4dzNJLUFaVmJKZ2QwM19DQVBGSmJoNE5IYnc?oc=5

The post Vulnerabilities In Two WordPress Contact Form Plugins Affect +1.1 Million – Search Engine Journal first appeared on One SEO Company News.

source: https://news.oneseocompany.com/2024/09/03/vulnerabilities-in-two-wordpress-contact-form-plugins-affect-11-million-search-engine-journal_2024090358244.html

Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.