Multiple high-severity vulnerabilities have been discovered in Ninja Forms, a popular forms builder plugin for WordPress with over 900,000 active installations. The plugin, developed by Saturday Drive, allows users to create various types of forms, including contact forms, event registrations, file uploads and payments.

Source: Infosecurity Magazine – Information Security & IT Security