Cross-site request forgery (CSRF) vulnerability exists in Ninja Forms before 3.4.31. If a website administrator views a malicious page while logging in, unintended operations may be performed.