Log out
Get PRO

Latest

Input validation vulnerability in Forminator – Contact Form, Payment Form & Custom Form Builder 1.26.0

  • Severity: medium-risk
  • Status: Fixed
  • Publication: October 27, 2023

The Forminator plugin for WordPress is vulnerable to a malicious attack that can allow an attacker with administrator-level permissions to insert malicious code into pages on the website. This malicious code can be executed when a user visits the website and can only affect websites with multiple sites or those that have prevented certain types of HTML from being used. This vulnerability affects all versions up to and including 1.26.0.

Detected in:

Forminator – Contact Form, Payment Form & Custom Form Builder fixed vulnerable versions: >= * <= 1.26.0
Forminator Forms – Contact Form, Payment Form & Custom Form Builder fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.