A popular plugin for creating forms on WordPress websites called “Forminator Forms” has a security vulnerability. This means that unauthorized users with high level permissions can inject harmful web scripts into pages on the website, which can then be executed when someone visits that page. This only affects websites with multiple sites or with certain security settings disabled.