Description
WordPress Plugin Easy Contact Forms Export is prone to an information disclosure vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Easy Contact Forms Export version 1.1.0 is vulnerable; prior versions may also be affected.
Remediation
Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
References
http://www.securityfocus.com/bid/53892/exploit
http://www.exploit-db.com/exploits/19013/
Related Vulnerabilities
WordPress Plugin CSV Import Cross-Site Scripting (1.0)
WordPress Plugin WP Mail SMTP by WPForms Unspecified Vulnerability (0.9.5)
WordPress Plugin wp superb Slideshow 'upload.php' Arbitrary File Upload (2.2)
WordPress Plugin WooCommerce Checkout For Digital Goods Cross-Site Request Forgery (2.2)
PHP Resource Management Errors Vulnerability (CVE-2011-1148)