Contact Form builder with drag & drop - Kali Forms <= 2.3.36 is vulnerable to Insecure Direct Object References (IDOR) vulnerability

The Contact Form builder with drag & drop for WordPress – Kali Forms plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.3.36 due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to access objects they do not have proper authorization to view.