Vulnerabilities found by a researcher in a popular WordPress plugin can be exploited by malicious actors to gain access to sensitive data and take control of affected websites.
Formidable Forms, available both for free and as a paid version that provides additional features, is a plugin that allows users to easily create contact pages, polls and surveys, and other types of forms. The plugin has more than 200,000 active installations.
Jouko Pynnönen of Finland-based company Klikki Oy has analyzed the plugin and discovered several vulnerabilities, including ones that introduce serious security risks for the websites using it.