WordPress Plugin Forminator 1.24.6 - Arbitrary File Upload
The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the uploadpostimage function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated attackers to upload...