Description
WordPress Plugin Easy Contact Forms Export is prone to an information disclosure vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Easy Contact Forms Export version 1.1.0 is vulnerable; prior versions may also be affected.
Remediation
Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
References
http://www.securityfocus.com/bid/53892/exploit
http://www.exploit-db.com/exploits/19013/
Related Vulnerabilities
PHP Observable Discrepancy Vulnerability (CVE-2024-2408)
Ruby Improper Restriction of XML External Entity Reference Vulnerability (CVE-2021-28965)
WebLogic CVE-2016-3505 Vulnerability (CVE-2016-3505)
MyBB Improper Input Validation Vulnerability (CVE-2008-4930)
WordPress Plugin Analytics Tracker Cross-Site Scripting (1.1.0)