Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2023-4596: Unrestricted File Upload in Forminator

Severity: 9.8 CRITICAL (NVD)
EPSS: 90.8% (top 0.37%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Affected products
Timeline
Published: Aug 30

Description

The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the upload_post_image() function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9

Affected Packages (1 package)

NVD: incsub/forminator 1.24.6

Patches

Vulnerability Details (3)

GHSA
GHSA-g9m5-p82f-mqgm: The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to th… (2023-08-30)
CVEList
Forminator <= 1.24.6 - Unauthenticated Arbitrary File Upload (2023-08-30)
VulnCheck
incsub forminator Unrestricted Upload of File with Dangerous Type (2023)

Exploits & PoCs (1)

Nuclei
WordPress Plugin Forminator 1.24.6 - Arbitrary File Upload
CVE-2023-4596 — Unrestricted File Upload in Forminator | cvebase