Critical flaw in Ninja Forms WordPress Plugin actively exploited in the wild
Security Affairs
JUNE 19, 2022
The vulnerability resides in the Merge Tag feature of the plugin. “One feature of Ninja Forms is the ability to add “Merge Tags” to forms that will auto-populate values from other areas of WordPress like Post IDs and logged in user’s names. ” reads the advisory published by Wordfence. 3.1.10, 3.2.28, 3.3.21.4, and 3.6.11.
Let's personalize your content