WordPress Ninja Forms Unauthenticated File Upload
Posted by deepcore on May 27, 2016 – 7:07 pm
Versions 2.9.36 to 2.9.42 of the Ninja Forms plugin contain an unauthenticated file upload vulnerability, allowing guests to upload arbitrary PHP code that can be executed in the context of the web server.
Post a reply
You must be logged in to post a comment.