Popular WordPress Forms plugin Ninja Form recently updated their plugin to patch a severe vulnerability. The vulnerability is rated a high severity because it could allow an attacker to steal admin level access and take over the entire website.
Cross-Site Request Forgery Vulnerability
The exploit that is causing this is called Cross-Site Request Forgery. This kind of vulnerability exploits a lack of a normal security check which then allows an attacker to upload or replace files and even gain administrative access.
This is how the Common Weakness Enumeration site, describes this kind of…