RedPacket SecurityMay 5

CVE Alert: CVE-2026-5192 - wpmudev - Forminator Forms – Contact Form, Payment Form & Custom Form Builder - https://www.redpacketsecurity.com/cve-alert-cve-2026-5192-wpmudev-forminator-forms-contact-form-payment-form-custom-form-builder/

#OSINT #ThreatIntel #CyberSecurity #cve-2026-5192 #wpmudev #forminator-forms-contact-form-payment-form-and-custom-form-builder

CVE Alert: CVE-2026-5192 - wpmudev - Forminator Forms – Contact Form, Payment Form & Custom Form Builder - RedPacket Security

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Path Traversal in versions up to, and

RedPacket Security
RF WaveJul 6, 2025

Security researchers reveal vulnerability in the Forminator plugin for WordPress

Vulnerability: Insufficient validation and sanitization of form field input and unsafe file deletion logic

Impact: Allows an attacker to take over the entire WordPress site

Vulnerability ID: CVE-2025-6463

Remediation: Update to Forminator version 1.44.3

#cybersecurity #vulnerabilitymanagement #WordPressplugin #Forminator

https://www.bleepingcomputer.com/news/security/forminator-plugin-flaw-exposes-wordpress-sites-to-takeover-attacks/

Forminator plugin flaw exposes WordPress sites to takeover attacks

The Forminator plugin for WordPress is vulnerable to an unauthenticated arbitrary file deletion flaw that could enable full site takeover attacks.

BleepingComputer
Marcel SIneM(S)USJul 4, 2025
600.000 #WordPress-Instanzen durch Lücke in Plug-in #Forminator kompromittierbar | Security https://www.heise.de/news/600-000-WordPress-Instanzen-durch-Luecke-in-Plug-in-Forminator-kompromittierbar-10467442.html #Patchday #WordPressPlugin #CMS #ContentManagementSystem
600.000 WordPress-Instanzen durch Lücke in Plug-in Forminator kompromittierbar

Eine hochriskante Sicherheitslücke im 600.000 Mal installierten WordPress-Plug-in Forminator ermöglicht volle Kompromittierung.

heise online
Marusti WebDesignApr 25, 2024
Sicherheitslücken in beliebtem #WordPress-Plugin #Forminator https://www.it-daily.net/shortnews/sicherheitsluecken-in-beliebtem-wordpress-plugin-forminator?utm_source=twitter&utm_medium=social&utm_campaign=sharebuttons
Sicherheitslücken in beliebtem WordPress-Plugin Forminator

Eine kritische Sicherheitslücke wurde im WordPress-Plugin Forminator entdeckt, die es Angreifern ermöglicht, unbegrenzt Dateien, einschließlich Malware, auf Webseiten hochzuladen, die dieses Plugin verwenden. Mindestens 300.000 Seiten sind davon betroffen.

Onlineportal von IT Management
securityaffairsApr 22, 2024
A flaw in the #Forminator plugin impacts hundreds of thousands of #WordPress sites
https://securityaffairs.com/162113/security/forminator-wordpress-plugin-flaws.html
#securityaffairs #hacking #malware
A flaw in the Forminator plugin impacts hundreds of thousands of WordPress sites

Japan's CERT warns of a vulnerability in the Forminator WordPress plugin that allows unrestricted file uploads to the server.

Security Affairs
RF WaveApr 21, 2024

Software updates have been released for Forminator Wordpress plugin that addresses a critical security vulnerability.

The vulnerability is tracked as CVE-2024-28890, and when exploited, allows an attacker to upload malware and obtain sensitive information.

Administrators are advised to patch ASAP.

#cybersecurity #Wordpress #Forminator

https://www.bleepingcomputer.com/news/security/critical-forminator-plugin-flaw-impacts-over-300k-wordpress-sites/

Critical Forminator plugin flaw impacts over 300k WordPress sites

The Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows malicious actors to perform unrestricted file uploads to the server.

BleepingComputer
FreemindSep 1, 2023

The vulnerability is especially dangerous because it is available even to unauthorized users who do not have an account on the site.

#cybersecurity #Forminator #vulnerability #wordpress

https://cybersec84.wordpress.com/2023/09/01/wordpress-forminator-plugin-exposed-to-critical-security-risk/

WordPress Forminator Plugin Exposed to Critical Security Risk

The US National Vulnerability Database (NVD) has released information about a critical vulnerability under the identifier CVE-2023-4596 in the Forminator contact form plugin for WordPress up to ver…

CyberSec84 | Cybersecurity news.
Leo Skull Sep 1, 2023

WWW 34 – Wöchentliche WordPress Weblinks

Der August ist vorbei - das ging dann doch schneller als erwartet. Draußen wird es langsam kälter, aber hier sind wie jede Woche Freitag Hot News für euch! 😅 Diese Woche wieder interessante WordP…

https://www.leo-skull.de/www-34-woechentliche-wordpress-weblinks/

#WordPress #WWW #AllinOneWPMigration #Forminator #Gutenberg165 #PreformantTranslations #WordPress #WordPress100YearPlan #WordPress631 #WordPressSicherheitslcken #WordPressThemes