Today > 5 Critical | 6 High | 28 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-28890

April 23, 2024, 12:52 p.m.

Tags

Product(s) Impacted

Forminator

  • before 1.29.0

Description

Forminator prior to 1.29.0 contains an unrestricted upload of file with dangerous type vulnerability. If this vulnerability is exploited, a remote attacker may obtain sensitive information by accessing files on the server, alter the site that uses the plugin, and cause a denial-of-service (DoS) condition.

Weaknesses

Date

Published: April 23, 2024, 5:15 a.m.

Last Modified: April 23, 2024, 12:52 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

vultures@jpcert.or.jp

References

https://jvn.jp/ vultures@jpcert.or.jp
https://wordpress.org/ vultures@jpcert.or.jp
https://wpmudev.com/ vultures@jpcert.or.jp