The Form Vibes plugin for WordPress has a security vulnerability that allows hackers to access sensitive information from the database. This is due to a lack of proper protection on a specific user parameter and an inadequate preparation on the SQL query. This vulnerability affects all versions of the plugin, including 1.4.10. Hackers with a subscriber-level access or higher can use this vulnerability to add their own SQL queries to existing ones and extract confidential data.