CVE-2017-18574

The ninja-forms plugin before 3.0.31 for WordPress has insufficient HTML escaping in the builder.