CVE number – CVE-2019-15780
Strategy11 formidable plugin for WordPress could allow a remote attacker to execute arbitrary code on the system, caused by an improper de serialization flaw.
By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Upgrade to the latest version of formidable plugin (4.02.01 or later), available from the Formidable Forms Web site – https://formidableforms.com/
UK based technology professional, with an interest in computer security and telecoms.