Description
WordPress Plugin Zedna Contact form is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Zedna Contact form version 1.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.2 or latest
References
Related Vulnerabilities
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.32)
WordPress Plugin Windows Desktop and iPhone Photo Uploader Arbitrary File Upload (1.8)
WordPress Plugin WP-Live Chat by 3CX Remote Code Execution (7.0.01)
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.13)
WordPress Plugin Import any XML or CSV File to WordPress Pro Multiple Vulnerabilities (4.1.1)