Description
WordPress Plugin Gravity Forms is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Gravity Forms version 2.4.8 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.4.9 or latest
References
Related Vulnerabilities
XOOPS Other Vulnerability (CVE-2005-3680)
WordPress Plugin Virim PHP Object Injection (0.4)
WordPress Plugin Contact Form 7 Captcha Cross-Site Request Forgery (0.0.8)
IBM WebSEAL Incorrect Default Permissions Vulnerability (CVE-2024-35139)
WordPress Plugin WordPress Framework Possible Backdoor (1.0)