Bleeping Computer

Ninja Forms WordPress plugin patch prevents takeover of 1M sites

Attackers can exploit this Ninja Forms bug by tricking WordPress admins into clicking specially crafted links that inject malicious JavaScript code as part of a newly-imported contact form. Ninja ...