all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable

Add to bookmarks
July 31, 2023, 6:42 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Multiple security vulnerabilities have been disclosed in the Ninja Forms plugin for WordPress that could be exploited by threat actors to escalate privileges and steal sensitive data.
The flaws, tracked as CVE-2023-37979, CVE-2023-38386, and CVE-2023-38393, impact versions 3.6.25 and below, Patchstack said in a report last week. Ninja Forms is installed on over 800,000 sites.
A brief description

cve data exploited flaws forms impact ninja forms plugin privileges report security sensitive data steal threat threat actors vulnerabilities vulnerable week wordpress

Visit resource

More from thehackernews.com / The Hacker News

Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution 18 hours ago | thehackernews.com
cisco code code execution critical +21
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices 18 hours ago | thehackernews.com
arcanedoor attack attack surface attack surface management +23
It Costs How Much?!? The Financial Pitfalls of Cyberattacks on SMBs 21 hours ago | thehackernews.com
business cyberattacks cybercriminals financial +8
Xiaomi Android Devices Hit by Multiple Flaws Across Apps and System Components 22 hours ago | thehackernews.com
access account android android devices +20
New 'Cuckoo' Persistent macOS Spyware Targeting Intel and Arm Macs 1 day ago | thehackernews.com
act apple apple macos arm +19
Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities 2 days, 23 hours ago | thehackernews.com
actor apt28 campaign cyber +24
Expert-Led Webinar - Uncovering Latest DDoS Tactics and Learn How to Fight Back 3 days, 19 hours ago | thehackernews.com
address attacks back business +22
Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications 3 days, 19 hours ago | thehackernews.com
abusing aim amp api +25
New Guide Explains How to Eliminate the Risk of Shadow SaaS and Protect Corporate Data 3 days, 21 hours ago | thehackernews.com
address applications business corporate +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Offensive Security Engineering Technical Lead, Device Security

@ Google | Amsterdam, Netherlands
View on infosec-jobs.com

Senior Security Engineering Program Manager

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Information System Security Analyst

@ Resource Management Concepts, Inc. | Dahlgren, Virginia, United States
View on infosec-jobs.com

Critical Facility Security Officer - Evening Shift

@ Allied Universal | Charlotte, NC, United States
View on infosec-jobs.com

Information System Security Officer, Junior

@ Resource Management Concepts, Inc. | Patuxent River, Maryland, United States
View on infosec-jobs.com

Security Engineer

@ JPMorgan Chase & Co. | Plano, TX, United States
View on infosec-jobs.com
View more jobs