Description
WordPress Plugin WP Cost Estimation & Payment Forms Builder is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin WP Cost Estimation & Payment Forms Builder version 9.659 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 9.660 or latest
References
Related Vulnerabilities
Oracle JRE CVE-2012-0505 Vulnerability (CVE-2012-0505)
WordPress Plugin PDF & Print by BestWebSoft Cross-Site Scripting (1.9.3)
WordPress Plugin Welcart e-Commerce Information Disclosure (2.2.7)
MySQL CVE-2019-2747 Vulnerability (CVE-2019-2747)
WordPress Plugin Count per Day 'month' Parameter SQL Injection (2.17)