Bleeping Computer

Ninja Forms WordPress plugin patch prevents takeover of 1M sites

Attackers can exploit this Ninja Forms bug by tricking WordPress admins into clicking specially crafted links that inject malicious JavaScript code as part of a newly-imported contact form. Ninja ...
Threat Post

Ultimate Member Plugin for WordPress Allows Site Takeover

Three critical security bugs allow for easy privilege escalation to an administrator role. A WordPress plugin installed on more than 100,000 sites has three critical security bugs that each allow ...
Searchenginejournal.com

Vulnerabilities In Two WordPress Contact Form Plugins Affect +1.1 Million

The affected contact form plugins are Ninja Forms, (with over 800,000 installations) and Contact Form Plugin by Fluent Forms (+300,000 installations). The vulnerabilities are not related to each other ...
Threat Post

Ninja Forms WordPress Plugin Bug Opens Websites to Hacks

The popular plugin is installed on more than 1 million websites, and has four flaws that allow various kinds of serious attacks, including site takeover and email hijacking. Ninja Forms, a WordPress ...
TechRadar

Best WordPress plugin of 2025

We list the best WordPress plugins, to make it simple and easy to add targeted features that increase the performance and interactivity of your WordPress website. The way we use the web has changed ...