CVE-2023-4596 in Forminator Plugininformação

Sumário

de MITRE • 30/08/2023

The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the upload_post_image() function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Responsável

Wordfence

Reservar

29/08/2023

Divulgação

30/08/2023

Moderação

aceite

Entrada

VDB-238264

CPE

pronto

Exploração

Descarregar

EPSS

0.12749

KEV

não

Atividades

muito baixo

Fontes

Do you want to use VulDB in your project?

Use the official API to access entries easily!