Searchenginejournal.com

Forminator WordPress Plugin Vulnerability Affects Up To 400,000+ Websites

The U.S. Government National Vulnerability Database (NVD) published notice of a critical vulnerability affecting the Forminator WordPress Contact Form plugin up to an including version 1.24.6.
Bleeping Computer

Critical Forminator plugin flaw impacts over 300k WordPress sites

The Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows malicious actors to perform unrestricted file uploads to the server. Forminator by WPMU DEV is a custom ...
Infosecurity-magazine.com

WordPress Plugin Flaw Exposes 600,000 Sites to File Deletion

A severe vulnerability in the widely used Forminator WordPress plugin has been disclosed, exposing websites to the risk of arbitrary file deletion and potential site takeover. The flaw, which affects ...
heise online

600,000 WordPress instances can be exploited to a breach in Forminator plug-in

The function “entry_delete_upload_files” does not sufficiently check passed path information. Unregistered malicious actors can specify arbitrary file paths in a form submission, the file is then ...
TechRadar

Another top WordPress plugin hacked to allow account takeover - stay safe with these tips

Experts find a way to trick Forminator into deleting a core WordPress file This process would trigger the site's setup, where hackers can take it over A patch is available, and users are advised to ...
TechRadar

A critical security flaw could affect thousands of WordPress sites

Hundreds of thousands of WordPress websites are vulnerable to a critical severity flaw which allows threat actors to upload malware to the site through a bug in a plugin. As reported by ...