CVE-2024-25572

Name of the Vulnerable Software and Affected Versions Ninja Forms versions prior to 3.4.31

Description A cross-site request forgery (CSRF) issue exists, allowing unintended operations to be performed if a website administrator views a malicious page while logged in.

Recommendations For versions prior to 3.4.31, update to version 3.4.31 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive operations when viewing untrusted pages to minimize the risk of exploitation.