I have recently got an email from someone to remove some links from my website to their website. We have not done it purposely though. They have send us two files which are saved under …/wp-content/uploads/quform/1/2018/12 folder. I wonder how could they have accessed, found and get a copy of these files: one is jpg and other is pdf? Is quform not safe? is it a security breach?