Lucene search
JpcertCVELIST:CVE-2024-28890HistoryApr 23, 2024 - 4:56 a.m.
CVE-2024-28890
2024-04-2304:56:24
jpcert
www.cve.org
7
forminator plugin vulnerability
unrestricted file upload
remote access vulnerability
dos attack
Forminator prior to 1.29.0 contains an unrestricted upload of file with dangerous type vulnerability. If this vulnerability is exploited, a remote attacker may obtain sensitive information by accessing files on the server, alter the site that uses the plugin, and cause a denial-of-service (DoS) condition.
CNA Affected
[
{
"vendor": "WPMU DEV",
"product": "Forminator",
"versions": [
{
"version": "prior to 1.29.0",
"status": "affected"
}
]
}
]Related
nvd
nvd
CVE-2024-28890
2024-04-23 05:15:49
vulnrichment
vulnrichment
CVE-2024-28890
2024-04-23 04:56:24
wpvulndb
wpvulndb
Forminator < 1.29.0 - Unauthenticated Arbitrary File Upload
2024-04-24 00:00:00
githubexploit
githubexploit
Exploit for CVE-2024-28890
2024-06-13 10:41:33
cve
cve
CVE-2024-28890
2024-04-23 05:15:49
jvn
jvn
JVN#50132400: Multiple vulnerabilities in WordPress Plugin "Forminator"
2024-04-18 00:00:00
wallarmlab
wallarmlab
thn
thn
wordfence
wordfence