Arbitrary User Email Address Update via IDOR vulnerability discovered by Suppawit Punhakit in WordPress Advanced Forms plugin (versions <= 1.6.8).
Update the WordPress Advanced Forms plugin to the latest available version (at least 1.6.9).