Searchenginejournal.com

Malware Discovered In Gravity Forms WordPress Plugin

WordPress security company Patchstack published an advisory about a serious vulnerability in Gravity Forms caused by a supply chain attack. Gravity Forms responded immediately and released an update ...
Bleeping Computer

WordPress plugin ‘Gravity Forms’ vulnerable to PHP object injection

The premium WordPress plugin 'Gravity Forms,' currently used by over 930,000 websites, is vulnerable to unauthenticated PHP Object Injection. Gravity Forms is a custom form builder website owners use ...
Bleeping Computer

WordPress Gravity Forms developer hacked to push backdoored plugins

The popular WordPress plugin Gravity Forms has been compromised in what seems a supply-chain attack where manual installers from the official website were infected with a backdoor. Gravity Forms is a ...
Dark Reading

Supply Chain Attacks Spotted in GitHub Actions, Gravity Forms, npm

Researchers discovered malicious activity impacting GitHub and popular WordPress and npm tools that could pose significant supply chain risks. In a new report, Armis Labs highlighted three recently ...
Searchenginejournal.com

Ninja Forms Plugin Vulnerability

Popular WordPress Forms plugin Ninja Form recently updated their plugin to patch a severe vulnerability. The vulnerability is rated a high severity because it could allow an attacker to steal admin ...
Threat Post

Ninja Forms WordPress Plugin Bug Opens Websites to Hacks

The popular plugin is installed on more than 1 million websites, and has four flaws that allow various kinds of serious attacks, including site takeover and email hijacking. Ninja Forms, a WordPress ...
ZDNet

Ninja Forms WordPress bug exposed over a million users to XSS attacks, website hijacking

The Ninja Forms WordPress plugin harbored a severe security flaw that could be used for website takeover through the creation of new administrator accounts. Ninja Forms is a drag-and-drop contact form ...