Serious vulnerabilities have been found in the Ninja Forms plugin for WordPress, which is installed on over a million sites. Left unpatched, they can lead to a complete site takeover.
Wordfence identified four vulnerabilities in the Ninja Forms plugin that could allow attackers to:
– Redirect site administrators to random locations.
– Install a plugin to intercept all mail traffic.
– Retrieve the Ninja Form OAuth Connection Key, which connects to the Ninja Forms central management dashboard.
– Trick site administrators into performing an action that could disconnect a site’s OAuth Connection.
These vulnerabilities could enable attackers to take control of a site and execute various malicious actions.
Given the severity of these exploits, an immediate update of the plugin is strongly recommended. As of February 8, all vulnerabilities have been patched in version 3.4.34.1 of the Ninja Forms plugin. Ninja Forms is a widely-used plugin that allows site owners to create contact forms with an easy drag-and-drop interface.
With over 1 million active installations, it’s worth checking if your site’s contact form uses this plugin. A quick update will safeguard your site from the listed vulnerabilities.
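To check whether a site is still on a pre-patch build, here is an added example (not from Wordfence or the Ninja Forms project) that reads the plugin's main file header and compares its version against 3.4.34.1. It assumes the standard plugin path wp-content/plugins/ninja-forms/ninja-forms.php; the sample header below is constructed for illustration.

```python
import re
from pathlib import Path

# First patched release named in the advisory.
PATCHED_VERSION = "3.4.34.1"

# Constructed sample of a WordPress plugin file header (not a real file dump).
SAMPLE_HEADER = """<?php
/*
Plugin Name: Ninja Forms
Plugin URI: https://ninjaforms.com/
Version: 3.4.33
*/
"""


def parse_version(header_text):
    """Return the 'Version:' value from a WordPress plugin header, or None."""
    m = re.search(r"^\s*\*?\s*Version:\s*(\S+)", header_text, re.MULTILINE)
    return m.group(1) if m else None


def version_tuple(v):
    """Split a dotted version into integers so '3.4.34.1' sorts after '3.4.9'."""
    parts = []
    for p in v.split("."):
        digits = re.match(r"\d+", p)
        parts.append(int(digits.group(0)) if digits else 0)
    return tuple(parts)


def is_patched(installed, patched=PATCHED_VERSION):
    """True when the installed version is at least the patched release."""
    a, b = version_tuple(installed), version_tuple(patched)
    n = max(len(a), len(b))
    # Pad with zeros so '3.5' compares as '3.5.0.0' against a four-part version.
    return a + (0,) * (n - len(a)) >= b + (0,) * (n - len(b))


def check_site(wp_root):
    """Return (installed_version, patched) for the site under wp_root.
    (None, True) means the plugin is not installed; (None, False) means it is
    present but the version header could not be read."""
    main_file = Path(wp_root) / "wp-content" / "plugins" / "ninja-forms" / "ninja-forms.php"
    if not main_file.is_file():
        return None, True
    installed = parse_version(main_file.read_text(errors="replace")[:4096])
    if installed is None:
        return None, False
    return installed, is_patched(installed)
```

Run check_site("/var/www/html") (or your site's root) on each site you manage; anything reporting a version below 3.4.34.1 should be updated.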
The rapid response in patching these vulnerabilities reflects the developers’ commitment to security. Wordfence reported these issues to the Ninja Forms developers on January 20, and they were addressed by February 8.
### Vulnerability Exploits – The 3rd Greatest Threat to WordPress Sites
Vulnerability exploits pose a significant threat to WordPress sites, making it crucial to keep plugins updated with the latest security patches. A recent report highlighted vulnerability exploits as the third most significant threat to WordPress sites.
In 2020, there were 4.3 billion attempts to exploit vulnerabilities from over 9.7 million unique IP addresses. Every one of the 4 million sites analyzed in the report experienced at least one vulnerability exploit attempt last year.
Adding a firewall to your WordPress site can offer further protection by preventing attackers from exploiting plugin vulnerabilities, even if they haven’t been patched. When considering a new plugin, it’s a good practice to check its last update date; recent updates are typically a good sign.
Abandoned plugins, which may contain unpatched vulnerabilities, present a higher risk to sites.
### Avoid Pirated Plugins
Avoid using pirated versions of paid plugins, as they are a major source of WordPress security threats. Malware from pirated themes and plugins was the top threat to WordPress sites in 2020, affecting over 17% of all infected sites.
Sources suggest that pirated plugins have been removed from official WordPress repositories as of this week.
Source: Wordfence