Cross-Site Request Forgery (CSRF) vulnerability leading to stored Cross-Site Scripting (XSS) discovered by Ramuel Gall (WordFence) in WordPress Contact Form Plugin by Fluent Forms (versions <= 3.6.65).
Update the WordPress Contact Form Plugin by Fluent Forms to the latest available version (at least 3.6.67).