WordPress Metform <=2.1.3 - Information Disclosure

WordPress Metform plugin through 2.1.3 is susceptible to information disclosure due to improper access control in the /core/forms/action.php file. An attacker can view all API keys and secrets of integrated third-party APIs such as that of PayPal, Stripe, Mailchimp, Hubspot, HelpScout, reCAPTCHA...