A vulnerability has been found in SaturdayDrive Ninja Forms Plugin up to 3.3.29 on WordPress and classified as critical. Affected by this vulnerability is an unknown functionality of the component File Upload Handler. This manipulation causes missing authorization.
This vulnerability is tracked as CVE-2026-12557. The attack is possible to be carried out remotely. No exploit exists.