Over 300k WordPress Sites Affected by Forminator Plugin Flaws

The Forminator WordPress plugin, utilized by multiple websites, is vulnerable to multiple security flaws, including CVE-2024-28890, CVE-2024-31077, and CVE-2024-31857. These vulnerabilities enable malicious actors to carry out various attacks, including unrestricted file uploads to the server, triggering denial-of-service (DoS) attacks, and executing cross-site scripting (XSS) attacks.

Threat Level – Red | Vulnerability Report