Description
WordPress Plugin MW WP Form is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin MW WP Form version 4.4.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.4.3 or latest
References
Related Vulnerabilities
WordPress Plugin Widgets for WooCommerce Products on Elementor Security Bypass (1.0.5)
Artifactory Weak Password Requirements Vulnerability (CVE-2019-17444)
WordPress Plugin Indexisto WordPress Site Search Cross-Site Scripting (1.0.5)
WordPress Plugin Business Hours Pro Arbitrary File Upload (5.5.0)