600,000 WordPress Sites Affected by PHP Object Injection Vulnerability in Fluent Forms WordPress Plugin 📢 Calling all Vulnerability Researchers and Bug Bounty Hunters! 📢 💉 Participate in the SQLsplorer Challenge! Now through September 22, 2025, all SQL Injection vulnerabilities in software with at least 25 active installs are considered in-scope for all researchers, regardless of researcher tier AND earn a 20% bonus on all SQL Injection vulnerability submissions. On August 17th, 2025, we received a submission for an authenticated PHP Object Injection vulnerability in Fluent Forms, a WordPress plugin with more than 600,000 active installations. This vulnerability can be leveraged via an existing POP chain present in the plugin to read arbitrary files on the server, which may contain sensitive information. Props to Webbernaut who discovered and responsibly reported this vulnerability through the Wordfence Bug Bounty Program. This researcher earned a bounty of $1,729.00 for this discovery. Our mission is to secure WordPress through defense in depth, which is why we are investing in quality vulnerability research and collaborating with researchers of this caliber through our Bug Bounty Program. We are committed to making the WordPress ecosystem more secure through the detection and prevention of vulnerabilities, which is a critical element to our multi-layered approach to security. All Wordfence Premium, Wordfence Care, and Wordfence Response customers, as well as those using the free version of our plugin, are protected against any exploits targeting this vulnerability by the Wordfence firewall’s built-in Generic Object Injection protection. We provided full disclosure details to the WPManageNinja team instantly through our Wordfence Vulnerability Management Portal on August 20, 2025. The developer released the patch on August 27, 2025. We would like to commend the WPManageNinja team for their prompt response and timely patch. We urge users to update their sites with the latest patched version of Fluent Forms, version 6.1.2 at the time of this writing, as soon as possible. Source : https://www.wordfence.com/blog/2025/09/600000-wordpress-sites-affected-by-php-object-injection-vulnerability-in-fluent-forms-wordpress-plugin/?utm_campaign=Wordfence%20Intelligence%20Marketing&utm_medium=email&_hsenc=p2ANqtz-9QICtnMpFcc6J2Uw3bJ_VROXrfxkWjbsSAUKZbviYJ2ZRllzeJ1q4WzLCsPiq3r_MZcR7onIp2KERmZzPBfTFaILmFHA&_hsmi=379540999&utm_content=379540999&utm_source=hs_email

Top News

0 3 0

Today emphasizes the power of consistency in fostering confidence across various aspects of life. By adhering to routines and practicing patience, individuals can establish a solid foundation for personal growth and stability. This approach extends to love, career, finances, and health, where steady efforts and thoughtful decisions lead to security and well-being.

Times of India

0 3 0

Today, Gemini, embrace balance in all aspects of life. Steady progress, thoughtful planning, and calm energy will lead to satisfaction. In love, harmony and trust deepen through balanced interactions. Career success arises from focused tasks and a thoughtful approach. Financial stability comes from mindful choices and consistent habits.

Times of India

0 2 0

Volkswagen CEO Oliver Blume has identified India as a promising market for its upcoming line of affordable small electric vehicles. The German automotive giant is actively collaborating with partners to explore the optimal strategies for introducing these electric cars to the Indian market, recognizing its growing significance as the world's third-largest automotive market.

Times of India

0 2 0

Finance Minister Nirmala Sitharaman stated the government is closely monitoring exchange rates, highlighting the widespread depreciation of currencies against the strengthening US dollar. The rupee recently hit a record low of 88.27 against the dollar, influenced by concerns over newly imposed US tariffs, including a significant penalty on Russian crude oil imports, impacting key sectors like textiles and gems.

Times of India

0 2 0

Crisil Intelligence reports that India Inc's revenue is expected to increase by 6-7% this fiscal year, driven by reduced GST rates. While the rate cuts are anticipated to boost consumption, accounting for 15% of corporate revenue, the anti-profiteering rule may limit significant profit margin expansion for companies.

Times of India

0 3 0