Unprotected REST-API to Sensitive Information Disclosure vulnerability discovered by Chloe Chamberland (WordFence) in WordPress Ninja Forms Contact Form plugin (versions <= 3.5.7).
Update the WordPress Ninja Forms Contact Form plugin to the latest available version (at least 3.5.8).