CVE-2021-36827

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label". > MITRE Terms of Use apply – see LICENSE‑MITRE.txt