📦 Forminator

The Forminator WordPress plugin up to version 1.24.6 has a critical file upload vulnerability where unauthenticated attackers can upload arbitrary files to the server. This occurs because file type va...

The Forminator WordPress plugin is vulnerable to PHP Object Injection via deserialization of untrusted input when form submissions are deleted. This allows unauthenticated attackers to inject maliciou...

The Forminator WordPress plugin has a critical vulnerability that allows unauthenticated attackers to delete arbitrary files on the server by manipulating form submissions. This affects all versions u...

This SQL injection vulnerability in Forminator WordPress plugin allows remote authenticated attackers with administrative privileges to execute arbitrary SQL commands. Attackers can read, modify, or d...

This vulnerability allows attackers to inject malicious scripts into web pages generated by the Forminator WordPress plugin. When users visit a specially crafted URL, the scripts execute in their brow...