Select News Languages

English

Arabic

Telugu

Hindi

France

Log in

Have no account yet? Sign up

Create an account

I read and accept the Terms and conditions.

Already have an account? Log in

Reset password

Remember your password? Log in

Terms and conditions

Terms and Conditions

These terms and conditions apply to the News National app (hereby referred to as "Application") for mobile devices that was created by (hereby referred to as "Service Provider") as an Ad Supported service.

Upon downloading or utilizing the Application, you are automatically agreeing to the following terms. It is strongly advised that you thoroughly read and understand these terms prior to using the Application. Unauthorized copying or modification of the Application, any part of the Application, or our trademarks is strictly prohibited. Any attempts to extract the source code, translate the Application into other languages, or create derivative versions are not permitted. All intellectual property rights remain the property of the Service Provider.

The Service Provider is dedicated to ensuring the Application is as beneficial and efficient as possible. They reserve the right to modify the Application or charge for services at any time and for any reason. Any such charges will be clearly communicated.

The Application stores and processes personal data provided by you. You are responsible for maintaining the security of your device and access to the Application. Jailbreaking or rooting your device is strongly discouraged as it may compromise security and application performance.

Third-Party Services

The Application uses third-party services that have their own Terms and Conditions. Refer to the following links:

Google Play Services
AdMob
Google Analytics for Firebase
Firebase Crashlytics

Limitations and Responsibilities

Some Application functions require an internet connection (Wi-Fi or mobile data). The Service Provider is not responsible if the Application does not function fully due to lack of access or depleted data. If using the Application outside a Wi-Fi area, you accept responsibility for any charges incurred, including roaming fees. If you are not the bill payer, it is assumed you have obtained permission.

It is your responsibility to keep your device charged. The Service Provider is not responsible if the device is unavailable due to a drained battery.

While the Service Provider strives to keep the Application updated and accurate, they rely on third-party data and do not accept liability for losses caused by reliance on Application functionality.

Updates and Termination

The Application may be updated to remain compatible with the operating system. You agree to install updates as offered. The Service Provider may discontinue the Application at any time without notice. Upon termination:

Rights and licenses granted to you will end.
You must stop using the Application and delete it from your device.

Changes to These Terms and Conditions

The Service Provider may update these Terms and Conditions periodically. Please review this page regularly. Changes will be posted on this page.

Effective Date: 2025-07-23

Contact Us

If you have questions or suggestions about the Terms and Conditions, contact the Service Provider at:
📧 info@news-national.com

Do you agree to our terms? Sign up

600,000 WordPress Sites Affected by PHP Object Injection Vulnerability in Fluent Forms WordPress Plugin

Top News

5 hours ago

2

0 👍 ❤️ 😂 😮 😢 😡

600,000 WordPress Sites Affected by PHP Object Injection Vulnerability in Fluent Forms WordPress Plugin

📢 Calling all Vulnerability Researchers and Bug Bounty Hunters! 📢

💉 Participate in the SQLsplorer Challenge! Now through September 22, 2025, all SQL Injection vulnerabilities in software with at least 25 active installs are considered in-scope for all researchers, regardless of researcher tier AND earn a 20% bonus on all SQL Injection vulnerability submissions.

On August 17th, 2025, we received a submission for an authenticated PHP Object Injection vulnerability in Fluent Forms, a WordPress plugin with more than 600,000 active installations. This vulnerability can be leveraged via an existing POP chain present in the plugin to read arbitrary files on the server, which may contain sensitive information.

Props to Webbernaut who discovered and responsibly reported this vulnerability through the Wordfence Bug Bounty Program. This researcher earned a bounty of $1,729.00 for this discovery. Our mission is to secure WordPress through defense in depth, which is why we are investing in quality vulnerability research and collaborating with researchers of this caliber through our Bug Bounty Program. We are committed to making the WordPress ecosystem more secure through the detection and prevention of vulnerabilities, which is a critical element to our multi-layered approach to security.

All Wordfence Premium, Wordfence Care, and Wordfence Response customers, as well as those using the free version of our plugin, are protected against any exploits targeting this vulnerability by the Wordfence firewall’s built-in Generic Object Injection protection.

We provided full disclosure details to the WPManageNinja team instantly through our Wordfence Vulnerability Management Portal on August 20, 2025. The developer released the patch on August 27, 2025. We would like to commend the WPManageNinja team for their prompt response and timely patch.

We urge users to update their sites with the latest patched version of Fluent Forms, version 6.1.2 at the time of this writing, as soon as possible.

Source : https://www.wordfence.com/blog/2025/09/600000-wordpress-sites-affected-by-php-object-injection-vulnerability-in-fluent-forms-wordpress-plugin/?utm_campaign=Wordfence%20Intelligence%20Marketing&utm_medium=email&_hsenc=p2ANqtz-9QICtnMpFcc6J2Uw3bJ_VROXrfxkWjbsSAUKZbviYJ2ZRllzeJ1q4WzLCsPiq3r_MZcR7onIp2KERmZzPBfTFaILmFHA&_hsmi=379540999&utm_content=379540999&utm_source=hs_email

Click here to Read more

600,000 WordPress Sites Affected by PHP Object Injection Vulnerability in Fluent Forms WordPress Plugin

Rats, litter from ditched cars greet Marundeeswarar Temple visitors

Cancer Daily Horoscope Today, September 8, 2025: The Moon Lights Up Hidden Opportunities

More hotels to serve trekkers near Gudiyam Caves soon

Cancer Daily Horoscope Today, September 8, 2025: The Moon Lights Up Hidden Opportunities

Gemini Daily Horoscope Today, September 8, 2025: Mercury Urges Careful Choices Amid Shifting Energies

'India has potential for small e-cars'

Government keeping 'good watch' on rupee movement: Sitharaman

France, New Zealand win big to advance to Women's Rugby World Cup quarter-finals

Sabalenka retains US Open title with straight-sets win over Anisimova

France kick off World Cup qualifying campaign with win over Ukraine

Alcaraz smashes Djokovic to head for blockbuster US Open final against Sinner

Trump Confirms US Secondary Sanctions On Russia As Moscow’s Largest Aerial Assault On Kyiv Kills 4

Adani International School Hosts ISSO National Games Chess Competition, Mumbai School Emerges Champion

US Treasury Chief Warns Of ‘Russian Economic Collapse’ Push, Tariffs On India In Spotlight

Nepal Journalists Protest Social Media Ban: 'Democracy Is Being Hacked, Dictatorship Coming Back'

Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign

Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys

CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

Houthi Drone Hits Israeli Airport After Warning System Failure

Egypt-Israel Tensions Rise Over Attack on Gaza City

As Syria Tries to Move Away From Dictatorship, Signs of Authoritarianism Linger

Homeless and Hungry, Gazans Fear a Repeat of 1948 History

PM Modi ‘Reciprocates’ After Trump First ‘Sulks’ On India’s China’s ‘Pivot,’ Then Makes ‘U-Turn’

‘Modi & I Will Always Be Friends’: Trump’s Stunning U-TURN After Claiming US Lost India To China

Modi Savagely Torches Trump’s Tariffs After Meeting Putin, Xi At SCO Summit | ‘Selfish Economies…’

Trump’s Trade Adviser Rages As Putin-Modi-Xi SCO Bonhomie ‘Flips’ U.S.’ Tariff Gambit | ‘SHAME’

600,000 WordPress Sites Affected by PHP Object Injection Vulnerability in Fluent Forms WordPress Plugin

Top News

5 hours ago

2

0

👍 ❤️ 😂 😮 😢 😡

600,000 WordPress Sites Affected by PHP Object Injection Vulnerability in Fluent Forms WordPress Plugin

‘Party functionaries came voluntarily’

Comments (0)

Leave a Comment

SEARCH

Saved articles

Select News Languages

Log in

Create an account

Reset password

Terms and conditions

GDPR Compliance

News Hunt

600,000 WordPress Sites Affected by PHP Object Injection Vulnerability in Fluent Forms WordPress Plugin

Top News 5 hours ago

2

0

600,000 WordPress Sites Affected by PHP Object Injection Vulnerability in Fluent Forms WordPress Plugin

‘Party functionaries came voluntarily’

Related Top News Updates:

Comments (0)

Leave a Comment

Top News

5 hours ago