CVE-2023-4596 – Forminator <= 1.24.6 - Unauthenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2023-4596
The Forminator plugin for WordPress is vulnerable to arbitrary file uploads in versions up to, and including, 1.24.6, because the upload_post_image() function validates the file type only after the file has been uploaded to the server. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server, which may make remote code execution possible.
• https://github.com/X-Projetion/CVE-2023-4596-Vulnerable-Exploit-and-Checker-Version
• https://github.com/X-Projetion/CVE-2023-4596-OpenSSH-Multi-Checker
• https://github.com/E1A/CVE-2023-4596
• https://github.com/RHYru9/CVE-2023-4596-checker
• https://plugins.trac.wordpress.org/changeset/2954409/forminator/trunk/library/fields/postdata.php
• https://www.exploit-db.com/exploits/51664
• https://www.wordfence.com/threat-intel/vulnerabilities/id/9cd87da6-1f4c-4a15-8ebb-6e0f8ef72513?source=cve
• CWE-434: Unrestricted Upload of File with Dangerous Type
CVE-2023-3134 – Forminator < 1.24.4 - Reflected XSS
https://notcve.org/view.php?id=CVE-2023-3134
The Forminator WordPress plugin before 1.24.4 does not properly escape values that are being reflected inside form fields that use pre-populated query parameters, which could lead to reflected XSS attacks.
The Forminator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.24.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
• https://wpscan.com/vulnerability/6d50d3cc-7563-42c4-977b-f834fee711da
• https://www.onvio.nl/nieuws/research-day-discovering-vulnerabilities-in-wordpress-plugins
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-2010 – Forminator < 1.24.1 - Unauthenticated Race Condition on poll vote
https://notcve.org/view.php?id=CVE-2023-2010
The Forminator WordPress plugin before 1.24.1 does not use an atomic operation to check whether a user has already voted, and then update that information. This leads to a Race Condition that may allow a single user to vote multiple times on a poll.
The Forminator plugin for WordPress is vulnerable to a race condition in versions up to, and including, 1.23.3. This is due to improper validation on the poll voting functionality. This makes it possible for unauthenticated attackers to make multiple votes on a poll.
• https://wpscan.com/vulnerability/d0da4c0d-622f-4310-a867-6bfdb474073a
• CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2021-24700 – Forminator < 1.15.4 - Admin+ Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-24700
The Forminator WordPress plugin before 1.15.4 does not sanitize and escape the email field label, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
• https://wpscan.com/vulnerability/1d489b05-296e-4268-8082-9737608f9b41
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-36821 – WordPress Forminator plugin <= 1.14.11 - Stored Cross-Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2021-36821
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPMU DEV Forminator – Contact Form, Payment Form & Custom Form Builder allows Stored XSS. This issue affects Forminator – Contact Form, Payment Form & Custom Form Builder: from n/a through 1.14.11.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPMU DEV Forminator allows Stored XSS. This issue affects Forminator: from n/a through 1.14.11.
The Forminator plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.14.11 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
• https://patchstack.com/database/vulnerability/forminator/wordpress-forminator-plugin-1-14-11-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')