Vulnerability CVE-2024-28890
Published: 2024-04-23

Description:
Forminator prior to 1.29.0 contains an unrestricted upload of file with dangerous type vulnerability. If this vulnerability is exploited, a remote attacker may obtain sensitive information by accessing files on the server, alter the site that uses the plugin, and cause a denial-of-service (DoS) condition.

 References:
https://wordpress.org/plugins/forminator/
https://wpmudev.com/
https://jvn.jp/en/jp/JVN50132400/
Copyright 2024, cxsecurity.com

 

Back to Top