WordPress.Ninja.Forms.Plugin.Remote.Code.Execution
Description
This indicates an attack attempt to exploit a Remote Code Execution Vulnerability in WP Ninjas Ninja Forms File Upload.
A remote attacker could exploit this vulnerability by sending a crafted request to a vulnerable WordPress web site with Ninja Forms Plugin installed and Uploads add-on enabled. Successful exploitation could result in arbitrary code execution in the security context of the WordPress service or information disclosure.
Affected Products
WP Ninjas Ninja Forms File Upload prior to 3.0.23
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://ninjaforms.com/extensions/file-uploads/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-07-04 | 14.643 | Sig Added |
2019-06-14 | 14.633 | Default_action:pass:drop |
2019-06-05 | 14.626 |