This alert was published on the Wordfence blog. Wordfence has detected four vulnerabilities in the Ninja Forms plugin. They could allow attackers to:
- Redirect site administrators to random locations.
- Install a plugin that could be used to intercept all mail traffic.
- Retrieve the Ninja Form OAuth Connection Key used to establish a connection with the Ninja Forms central management dashboard.
- Trick a site administrators into performing an action that could disconnect a site’s OAuth Connection.
Those vulnerabilities could lead to attackers taking control of a site and performing any number of malicious actions.
Due to the severity of the exploits, an immediate update of the plugin is recommended. All vulnerabilities are patched in version 18.104.22.168 of the Ninja Forms plugin.