Description
WordPress Plugin Contact Form 7 Database is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Contact Form 7 Database version 1.3 is vulnerable; prior versions may also be affected.
Remediation
Edit the source code to ensure that only users with the "manage_options" capability can view submissions or disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin Post PDF Export Local File Inclusion (1.0.1)
WordPress Plugin Connections Business Directory Cross-Site Scripting (10.4.2)
WordPress Plugin moreAds SE Cross-Site Scripting (1.4.6)
WordPress Plugin 3dady real-time web stats Cross-Site Request Forgery (1.0)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-5899)