The WordPress Login/Signup Popup plugin, which has 10,000+ active installations, fixed a zero-day vulnerability affecting version 1.4 and below.
The vulnerability was reported on May 14th, 2020 to the author who immediately released a quick fix (version 1.5).
Upgrade immediately if you have version 1.4 or below.
If you are using our web application firewall for WordPress, NinjaFirewall WP Edition (free) and NinjaFirewall WP+ Edition (premium), you are protected against this vulnerability.
Stay informed about the latest vulnerabilities in WordPress plugins and themes: @nintechnet