Searchenginejournal.com

WordPress Contact Form Entries Plugin Vulnerability Affects 70K Websites

A vulnerability advisory was issued for a WordPress plugin that saves contact form submissions. The flaw enables unauthenticated attackers to delete files, launch a denial of service attack, or ...
Searchenginejournal.com

Vulnerability In Fluent Forms Contact Form WordPress Plugin

Fluent Forms Contact Form Builder is one of the most popular contact forms for WordPress, with over 300,000 installations. Its drag-and-drop interface makes creating custom contact forms easy so that ...
Threat Post

5M WordPress Sites Running ‘Contact Form 7’ Plugin Open to Attack

A critical unrestricted file upload bug in Contact Form 7 allows an unauthenticated visitor to take over a site running the plugin. A patch for the popular WordPress plugin called Contact Form 7 was ...
Bleeping Computer

Ninja Forms WordPress plugin patch prevents takeover of 1M sites

Attackers can exploit this Ninja Forms bug by tricking WordPress admins into clicking specially crafted links that inject malicious JavaScript code as part of a newly-imported contact form. Ninja ...
ZDNet

Ninja Forms WordPress bug exposed over a million users to XSS attacks, website hijacking

The Ninja Forms WordPress plugin harbored a severe security flaw that could be used for website takeover through the creation of new administrator accounts. Ninja Forms is a drag-and-drop contact form ...