A popular plugin called “Form Maker” for WordPress has a security issue that could allow hackers to insert harmful code into website pages. This could happen if the website administrator has not properly protected the plugin’s settings. The vulnerability affects all versions up to 1.15.29 and can only be exploited by someone with high-level access to the website. It mainly affects multi-site installations and sites where a certain security feature has been turned off.