Wordfence detected a total of four vulnerabilities in the Ninja Forms WordPress plugin that could allow attackers to:
- Redirect site administrators to random locations.
- Install a plugin that could be used to intercept all mail traffic.
- Retrieve the Ninja Form OAuth Connection Key used to establish a connection with the Ninja Forms central management dashboard.
- Trick a site administrators into performing an action that could disconnect a site’s OAuth Connection.
#wordpress #ninja forms #ninja forms plugin #bug