Log out
Get PRO

Latest

Vulnerability found in Forminator – Contact Form, Payment Form & Custom Form Builder

  • Severity: high-risk
  • Status: Fixed
  • Publication: August 1, 2024

The Forminator plugin used on WordPress has a security issue where sensitive information can be exposed. This can happen if the plugin is not updated and the version is 1.29.1 or below. Attackers who are not logged in can access the developer API key for the HubSpot integration. This can lead to unauthorized changes being made to the plugin’s HubSpot integration or personal information of users being exposed.

Detected in:

Forminator – Contact Form, Payment Form & Custom Form Builder fixed vulnerable versions: >= * <= 1.29.1
Forminator Forms – Contact Form, Payment Form & Custom Form Builder fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.