Critical Vulnerability in Ninja Forms Exposes WordPress Sites
ATT&CK techniques detected
T1190Exploit Public-Facing Application
90%
"traversal techniques to place files in sensitive directories - execute malicious code remotely after upload as a result, attackers could gain full control of affected websites, often by deploying webshells or similar tools. in an advisory published on monday, wordfence said it ac…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
78%
"critical vulnerability in ninja forms exposes wordpress sites a critical arbitrary file upload vulnerability in ninja forms – file upload plugin has been identified, exposing thousands of wordpress sites to potential compromise. the issue affects plugin versions up to 3. 3. 26 an…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Ninja Forms File Upload RCE via unauthenticated arbitrary file upload; update to 3.3.27 immediately