On Monday, November 20th, we were notified about a vulnerability that poses a serious security risk when the Shortcodes Ultimate and Formidable Forms plugins are used together on a single WordPress installation.
Over the past couple of weeks, we’ve noticed a large influx in the number of malicious requests testing for the presence of the two popular WordPress plugins. Both of these plugins contain separate medium-risk vulnerabilities that, when combined, allow an attacker to remotely execute rogue code on the underlying server.
*** This is a Security Bloggers Network syndicated blog from Sucuri Blog authored by Marc-Alexandre Montpas. Read the original post at: https://blog.sucuri.net/2017/11/formidable-forms-shortcodes-ultimate-exploits-in-the-wild.html