ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Ninja Forms Plugin <= 2.9.42.0 - PHP Object Injection

Product
Ninja Forms
Description
This vulnerability allows an attacker to conduct PHP object injection attacks via crafted serialized values in a POST request.
Solution
Update the plugin.
Classification
Type Multi
References
CVE Mitre
CVE
Name CVE-2016-1209
Versions
Affected In <= 2.9.42.0
Fixed In 2.9.42.1
Disclosure date
2015-12-26