WordPress.org Forces Security Update for Critical Ninja Forms Vulnerability

WordPress.org Forces Security Update for Critical Ninja Forms Vulnerability

Posted by WP Tavern on June 20, 2022 at 12:56 pm
kitty kitty CATegory News
Late last week, Ninja Forms users received a forced security update from WordPress.org for a critical PHP Object Injection vulnerability. This particular vulnerability can be exploited remotely without any authentication. It was publicly disclosed last week and patched in the latest version, 3.6.11. Patches were also backported to versions 3.0.34.2, 3.1.10, 3.2.28, 3.3.21.4, 3.4.34.2, and 3.5.8.4. Wordfence noticed a back-ported security update in the form builder plugin, which has more than a million active installs. Threat analyst Chloe Chamberland explained the vulnerability in an advisory alerting the company’s users: We uncovered a code injection vulnerability that made it possible for unauthenticated attackers to call a limited number of methods in various Ninja Forms classes, including a method that unserialized user-supplied content, resulting in Object Injection. This could allow attackers to execute arbitrary code or delete arbitrary files on sites where a separate POP chain was present. The vulnerability affects Ninja Forms’ “Merge Tags” feature that auto-populates values from Post IDs and usernames, for example. Wordfence threat analyst Ramuel Gall reverse engineered the vulnerability’s patches to create a working proof of concept. He found that it is possible to call various Ninja Forms classes that could be used for a wide range…

…Full post on WP Tavern
Read Full

Similar Posts

Leave a Reply