Kali Forms unauthenticated RCE is under active exploitation
Wordfence reports active exploitation of an unauthenticated RCE in the WordPress plugin `Kali Forms` (<=2.4.9) via `form_process`, fixed in 2.4.10.
NewsWordPressWeb Security
2 minYesterday
News
RSSApplication security news, updated daily (if there is any news to share).
Loading news…
Content is AI-assisted and reviewed by our team, but issues may be missed and best practices evolve rapidly, send corrections to [email protected]. Always consult official documentation and validate key implementation decisions before making design or security choices.