Description
WordPress Plugin Advanced Contact form 7 DB is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Advanced Contact form 7 DB version 1.1.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.1.1 or latest
References
Related Vulnerabilities
Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-7925)
WordPress Plugin DM Albums Multiple File Deletion Vulnerabilities (2.1)
WordPress Plugin Magn WP Drag and Drop Upload Arbitrary File Upload (1.1.4)
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20099)