Vulnerabilities > Incsub > Forminator > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-30 CVE-2023-4596 Unspecified vulnerability in Incsub Forminator
The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the upload_post_image() function in versions up to, and including, 1.24.6.
network
low complexity
incsub
critical
 9.8
9.8