• This form is served from an insecure page (http) page. This page could be hijacked using a Man-in-the-middle attack and an attacker can replace the form target.

• The form should be served from a secure (https) page.

• 

• CWE-200

• CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

• Information Disclosure

• WordPress Plugin Thinkun Remind 'dirPath' Parameter Information Disclosure (1.1.3)
• WordPress Plugin GRAND Flash Album Gallery SQL Injection and Information Disclosure Vulnerabilities (0.59)
• Documentation file
• Application error message
• WordPress Plugin Slideshow Information Disclosure (2.2.21)