Experts warn of vulnerabilities impacting the Ninja Forms plugin for WordPress that could be exploited for escalating privileges and data theft. The Ninja Forms plugin for WordPress is affected by multiple vulnerabilities (tracked as CVE-2023-37979, CVE-2023-38386, and CVE-2023-38393) that can be exploited by threat actors to escalate privileges and steal sensitive data.

Source: Security Affairs