What is a Forminator Plugin?
The Forminator plugin for WordPress is a versatile tool designed to simplify the process of creating and managing forms on your WordPress website. It offers a user-friendly interface that allows you to build various types of forms, such as contact forms, surveys, quizzes, and more, using a drag-and-drop builder. Forminator comes with a range of pre-built templates and customization options, making it easy to create forms that match your website’s design and functionality requirements. Additionally, Forminator integrates with popular email marketing services and CRMs, enabling you to streamline your data collection and management processes.
Forminator Plugin Vulnerabilities
Japan’s CERT Alert
Japan’s CERT (Computer Emergency Response Team) is an organization responsible for cybersecurity incident response in Japan. It operates under the auspices of the Japan Information-technology Promotion Agency (IPA), which is a government-affiliated organization. The main role of Japan’s CERT is to provide support and coordination in responding to and mitigating cybersecurity incidents, including vulnerabilities and attacks affecting Japanese organizations and networks. They also work to raise awareness about cybersecurity issues and best practices among Japanese businesses and the public.
- CVE-2024-28890 – Insufficient validation of files during file upload, allowing a remote attacker to upload and execute malicious files on the server. Affects Forminator 1.29.0 and earlier versions.
- CVE-2024-31077 – SQL injection flaw allowing remote attackers with admin privileges to execute arbitrary SQL queries in the site’s database. Affects Forminator 1.29.3 and earlier versions.
- CVE-2024-31857 – Cross-site scripting (XSS) flaw allowing a remote attacker to execute arbitrary HTML and script code into a user’s browser if tricked to follow a specially crafted link. Affects Forminator 1.15.4 and older versions.
