CVE-2024-28890 Information

Description

Forminator prior to 1.29.0 contains an unrestricted upload of file with dangerous type vulnerability. If this vulnerability is exploited a remote attacker may obtain sensitive information by accessing files on the server alter the site that uses the plugin and cause a denial-of-service (DoS) condition.

Reference

https://wordpress.org/plugins/forminator/ https://wpmudev.com/ https://jvn.jp/en/jp/JVN50132400/