Description
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently retrieve a list of licenses from the formidablepro.com API with the hosts credentials or inject javascript into an existing form. WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder version 2.0.21 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.0.22 or latest