New vulnerability allows attackers to takeover entire WordPress website
New vulnerability allows attackers to takeover entire WordPress website
Threat Level
Vulnerability Report
For a detailed advisory, download the pdf file here
Summary
An unauthenticated attacker can call multiple methods in Ninja Forms class in order to inject objects to eventually perform Remote Code Execution(RCE).