Over 300k WordPress Sites Affected by Forminator Plugin Flaws

Threat Advisories

Over 300k WordPress Sites Affected by Forminator Plugin Flaws

April 24, 2024

Summary:

The Forminator WordPress plugin, utilized by multiple websites, is vulnerable to multiple security flaws, including CVE-2024-28890, CVE-2024-31077, and CVE-2024-31857. These vulnerabilities enable malicious actors to carry out various attacks, including unrestricted file uploads to the server, triggering denial-of-service (DoS) attacks, and executing cross-site scripting (XSS) attacks.

Threat Level – Red | Vulnerability Report

×

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

 

Recent Posts

Join Our Newsletter 14,000+ subscribers and growing! Get top cybersecurity news delivered directly to your inbox.
Sign Up to Receive Our Weekly Threat Digest