Description
WordPress Plugin Caldera Forms-More Than Contact Forms is prone to an information disclosure vulnerability. Attackers can exploit this issue to gain access to potentially sensitive data that has been captured by a Caldera Form. WordPress Plugin Caldera Forms-More Than Contact Forms version 1.3.5.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.3.5.3 or latest
References
Related Vulnerabilities
WordPress Plugin Login Logout Menu Multiple Cross-Site Scripting Vulnerabilities (1.3.3)
WordPress Plugin File Manager Multiple Vulnerabilities (4.8)
WordPress Plugin GS Insever Portfolio Cross-Site Scripting (1.4.4)
phpMyFAQ Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2018-16651)
WordPress Plugin Tickera-WordPress Event Ticketing Cross-Site Request Forgery (3.5.1.0)