Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2024-28890
HistoryApr 23, 2024 - 5:15 a.m.

CVE-2024-28890

2024-04-2305:15:49
[email protected]
web.nvd.nist.gov
forminator
file upload
vulnerability
remote attacker
sensitive information
server access
denial-of-service

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON

Forminator prior to 1.29.0 contains an unrestricted upload of file with dangerous type vulnerability. If this vulnerability is exploited, a remote attacker may obtain sensitive information by accessing files on the server, alter the site that uses the plugin, and cause a denial-of-service (DoS) condition.

Related

cvelist 1
cve 1
wpvulndb 1
githubexploit 1
jvn 1
wallarmlab 1
thn 1
wordfence 1
cvelist
cvelist
CVE-2024-28890
2024-04-23 04:56:24
cve
cve
CVE-2024-28890
2024-04-23 05:15:49
wpvulndb
wpvulndb
Forminator < 1.29.0 - Unauthenticated Arbitrary File Upload
2024-04-24 00:00:00
githubexploit
githubexploit
Exploit for CVE-2024-28890
2024-06-13 10:41:33
jvn
jvn
JVN#50132400: Multiple vulnerabilities in WordPress Plugin "Forminator"
2024-04-18 00:00:00
wallarmlab
wallarmlab
Tracking CVE-2024-2876: Why does the latest WordPress exploit compromise over 90,000 websites?
2024-05-06 11:11:50
thn
thn
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
2024-04-26 05:49:00
wordfence
wordfence
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 15, 2024 to April 21, 2024)
2024-04-25 15:56:37

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON
Related for NVD:CVE-2024-28890
cvelist1cve1wpvulndb1githubexploit1jvn1wallarmlab1thn1wordfence1