Description
WordPress Plugin Gravity Forms is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Gravity Forms version 2.4.8 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.4.9 or latest
References
Related Vulnerabilities
WordPress Plugin On Page SEO + Social Live Chat (Formerly OPS) Cross-Site Scripting (1.0.1)
Plone CMS CVE-2011-2528 Vulnerability (CVE-2011-2528)
WordPress Plugin Instant Images-One Click Unsplash Uploads Cross-Site Scripting (4.4.0)
WordPress Plugin job-portal Cross-Site Scripting (0.0.1)
WordPress Plugin Content Copy Protection & Prevent Image Save Cross-Site Request Forgery (1.3)