Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises.
To help educate website owners on emerging threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this past month.
Ninja Forms — Unauthenticated PHP Object Injection
Security Risk: Critical
Exploitation Level: Can be exploited remotely without any authentication.