Description
This form is served from an insecure page (http) page. This page could be hijacked using a Man-in-the-middle attack and an attacker can replace the form target.
Remediation
The form should be served from a secure (https) page.
References
Related Vulnerabilities
WordPress Plugin Salon Booking System Multiple Information Disclosure Vulnerabilities (7.6.2)
SAP NetWeaver server info information disclosure
WordPress Plugin Advanced Custom Fields (ACF) Information Disclosure (6.0.2)
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2042)
WordPress Plugin WP Activity Log Information Disclosure (3.1.1)