Description
WordPress Plugin Caldera Forms-More Than Contact Forms is prone to an information disclosure vulnerability. Attackers can exploit this issue to gain access to potentially sensitive data that has been captured by a Caldera Form. WordPress Plugin Caldera Forms-More Than Contact Forms version 1.3.5.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.3.5.3 or latest
References
Related Vulnerabilities
WordPress Plugin Ultimate SMS Notifications for WooCommerce CSV Injection (1.4.1)
WordPress Plugin Sticky Popup Cross-Site Scripting (1.2)
WordPress Plugin XML Sitemap & Google News feeds Cross-Site Scripting (3.9)
Apache 2.x version older than 2.2.8
WordPress Plugin Qtranslate Slug Unspecified Vulnerability (1.1.16)