WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports the erection of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Ninja Forms Contact Form plugin version 3.6.4 prior to the SQL injection vulnerability, the vulnerability stems from the plugin does not escapefields POST parameter, the attacker can use the vulnerability to carry out SQL injection attacks.