A serious vulnerability, CVE-2024-28890, has been identified in the Forminator WordPress plugin in versions before 1.29., which is in use on a large number of websites. It is classified as an unrestricted upload of a file with a dangerous type (CWE-434) and should be addressed immediately. Successful exploitation can give a remote attacker access to sensitive information stored in files on the server, let them alter the site that uses the plugin, and cause a denial-of-service (DoS) condition. This post covers the details of the vulnerability, the affected versions, the attack scenario, a proof-of-concept payload, and the steps you need to take to secure your site.

Vulnerability Details

The Forminator plugin is a popular WordPress solution for building forms, quizzes and polls, and countless sites use it to collect user input, including file uploads. The vulnerability arises because the plugin does not properly validate and restrict the types of files submitted through its upload field, so an attacker can place a file of a dangerous type, such as a PHP script, on the server.
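To make the class of bug concrete, here is an added example written for this post in Python. It is not Forminator's code and not a reconstruction of the plugin's patch: a weak upload check of the kind that lets dangerous types through, next to a hardened one. The function names, the extension lists and the magic-byte table are this example's own choices.

```python
"""File-type validation for a form upload handler: a weak check next to a
hardened one.

Added example for this post, written in Python; it is not Forminator's code
and does not reproduce the plugin's patch. weak_validate() is a generic
anti-pattern, not a claim about how the plugin was implemented.
"""
import os
import secrets
from typing import Optional, Tuple

# Name segments a web server or browser may treat as executable/active
# content. Every dotted segment is compared against this set so that
# "shell.php.jpg" (run by some Apache AddHandler setups) is rejected too.
DANGEROUS_SEGMENTS = {
    "php", "php3", "php4", "php5", "php7", "php8", "phtml", "phar", "pht",
    "shtml", "cgi", "pl", "py", "sh", "exe", "js", "html", "htm", "svg",
}

# Allowlist: final extension -> magic bytes the content must begin with.
ALLOWED_TYPES = {
    "jpg": b"\xff\xd8\xff",
    "jpeg": b"\xff\xd8\xff",
    "png": b"\x89PNG\r\n\x1a\n",
    "gif": b"GIF8",
    "pdf": b"%PDF-",
}

MAX_UPLOAD_BYTES = 8 * 1024 * 1024


def weak_validate(filename: str, client_content_type: str) -> bool:
    """Anti-pattern: trust the client-supplied Content-Type and block only a
    couple of extensions. "shell.phtml" sent as image/jpeg passes."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    return (client_content_type.startswith(("image/", "application/pdf"))
            and ext not in {"php", "exe"})


def strong_validate(filename: str, data: bytes) -> Tuple[bool, str, Optional[str]]:
    """Return (accepted, reason, stored_name).

    stored_name is a random, server-chosen name carrying only the validated
    extension, so nothing from the client controls the path on disk."""
    # 1. Never trust the client path: keep the base name only.
    name = os.path.basename(filename.replace("\\", "/")).lower()
    if not name or name.startswith("."):
        return False, "empty or hidden file name", None
    if len(data) == 0 or len(data) > MAX_UPLOAD_BYTES:
        return False, "size out of range", None

    # 2. Reject an executable segment anywhere in the name (double extensions).
    segments = name.split(".")[1:]
    if not segments:
        return False, "no extension", None
    bad = set(segments) & DANGEROUS_SEGMENTS
    if bad:
        return False, "dangerous extension segment: " + ",".join(sorted(bad)), None

    # 3. The final extension must be on the allowlist ...
    ext = segments[-1]
    magic = ALLOWED_TYPES.get(ext)
    if magic is None:
        return False, f"extension .{ext} not allowed", None

    # 4. ... and the bytes must actually look like that type.
    if not data.startswith(magic):
        return False, f"content does not match .{ext} signature", None

    # 5. Refuse image/PHP polyglots (GIF89a<?php ...) that a misconfigured
    #    server might still hand to the PHP interpreter.
    if b"<?php" in data or b"<script" in data.lower():
        return False, "embedded script content", None

    return True, "ok", f"{secrets.token_hex(16)}.{ext}"
```

The hardened path trusts nothing the client sends: not the path, not the Content-Type, not the extension on its own. It checks every dotted segment so double extensions fail, verifies the leading bytes against the claimed type, and stores the file under a random server-chosen name. Serving the upload directory with PHP execution disabled remains the backstop, because no content check catches every polyglot.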

Original References

- The vulnerability was first identified and reported by an anonymous researcher, and the details were made public in the [CVE record](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28890).
- The fix is noted in the [Forminator changelog](https://wordpress.org/plugins/forminator/#developers) for the fixed version 1.29..
- The vulnerability is also listed in the [NIST National Vulnerability Database](https://nvd.nist.gov/vuln/detail/CVE-2024-28890).

Affected Versions

All versions of the Forminator plugin before 1.29. are affected.

Proof-of-Concept Exploit

We will not publish a complete exploit, but the following snippet shows the kind of minimal PHP backdoor (web shell) an attacker could upload through a vulnerable Forminator form:

<?php
// Minimal web shell: runs whatever the attacker POSTs as "cmd"
// with the privileges of the web server account.
if (isset($_POST['cmd'])) {
    $cmd = $_POST['cmd'];
    system($cmd);
}
?>

Once such a file is uploaded and reachable under a path that the web server hands to the PHP interpreter, the attacker can run arbitrary commands with the web server's privileges: read sensitive files such as wp-config.php, modify the site's data, or cause a denial-of-service condition.

To address this vulnerability and secure your website, take the following steps:

1. Upgrade the Forminator plugin to the latest version (1.29. or later), which contains the security patch that prevents unrestricted file uploads. You can download the latest version here: [Forminator on the WordPress Plugin Repository](https://wordpress.org/plugins/forminator/).

2. Check your server for suspicious files that may have been uploaded through the Forminator plugin, particularly under wp-content/uploads. Look especially for PHP, JavaScript, HTML and other executable file types that should never have been accepted, including double extensions such as image.php.jpg, and for .htaccess files inside upload directories that change how the server handles those files.

3. Review your web server and application logs for unexpected requests to files in upload directories and for other indications of unauthorized access or manipulation resulting from this vulnerability.

4. If you use a third-party security plugin, enable its protections for blocking uploads with dangerous file extensions and for scanning uploaded files, and configure the web server not to execute PHP in the uploads directory, so that a file that slips through is served as inert data rather than run.
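Steps 2 and 3 above are easier with a script than with a manual look through wp-content/uploads. The following is an added example for this post (Python; it is not Forminator's, WordPress's or any scanner's code) that walks an uploads tree and flags files by executable extension segments, by web shell indicators in their contents, and by .htaccess files that map other extensions onto PHP. The sample tree it builds is constructed here for demonstration and is not taken from a real incident; point hunt() at a live uploads directory instead.

```python
"""Post-incident hunt over a WordPress uploads tree for files that an
unrestricted-upload bug could have left behind.

Added example for this post, not Forminator's or WordPress's code. The
directory layout and sample files are constructed in build_sample_tree() so
the script runs offline; point hunt() at a live wp-content/uploads to use it.
"""
import os
import re
import tempfile
from typing import Dict, List, Tuple

# Name segments the web server may execute or the browser may render as
# active content. Every dotted segment is checked, so "avatar.php.jpg" is
# flagged as well as "shell.php".
EXECUTABLE_SEGMENTS = {
    "php", "php3", "php4", "php5", "php7", "php8", "phtml", "phar", "pht",
    "shtml", "cgi", "pl", "py", "sh", "js", "html", "htm", "svg",
}

# Content indicators typical of a dropped web shell. Deliberately short to
# keep false positives down; every hit still needs a human look.
SHELL_INDICATORS = [
    ("php open tag", re.compile(rb"<\?php")),
    ("command/eval function", re.compile(
        rb"\b(system|exec|shell_exec|passthru|popen|proc_open|eval|assert)\s*\(", re.I)),
    ("request parameter read", re.compile(rb"\$_(POST|GET|REQUEST|COOKIE)\s*\[")),
    ("base64 decode", re.compile(rb"base64_decode\s*\(", re.I)),
]
# An .htaccess dropped into uploads that maps another extension onto PHP
# turns a "harmless" .jpg into executable code.
HTACCESS_PHP = re.compile(rb"(AddHandler|AddType|SetHandler).*php", re.I)
MAX_SCAN_BYTES = 2 * 1024 * 1024  # the content scan reads at most this much per file


def classify(path: str) -> List[str]:
    """Return the reasons a single file is suspicious (empty list if none)."""
    reasons: List[str] = []
    name = os.path.basename(path).lower()
    try:
        with open(path, "rb") as fh:
            data = fh.read(MAX_SCAN_BYTES)
    except OSError:
        return reasons
    if name == ".htaccess":
        if HTACCESS_PHP.search(data):
            reasons.append(".htaccess maps an extension to PHP")
        else:
            reasons.append(".htaccess inside uploads (review)")
        return reasons
    bad = sorted(set(name.split(".")[1:]) & EXECUTABLE_SEGMENTS)
    if bad:
        reasons.append("executable extension segment: " + ",".join(bad))
    for label, pattern in SHELL_INDICATORS:
        if pattern.search(data):
            reasons.append("web shell indicator: " + label)
    return reasons


def hunt(root: str) -> List[Tuple[str, str]]:
    """Walk root and return sorted (relative_path, reason) pairs."""
    findings: List[Tuple[str, str]] = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            findings.extend((rel, reason) for reason in classify(full))
    return sorted(findings)


def group(findings: List[Tuple[str, str]]) -> Dict[str, List[str]]:
    """Fold (path, reason) pairs into path -> [reasons]."""
    out: Dict[str, List[str]] = {}
    for rel, reason in findings:
        out.setdefault(rel, []).append(reason)
    return out


def build_sample_tree(base: str) -> str:
    """Constructed sample tree (not from any real incident): a clean image and
    PDF, a PHP shell, a double-extension shell, a GIF/PHP polyglot and an
    .htaccess that turns PHP handling on for .jpg."""
    root = os.path.join(base, "uploads")
    samples = {
        "2024/03/brochure.pdf": b"%PDF-1.4 clean document",
        "2024/04/photo.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 64,
        "2024/04/form.php": b"<?php if (isset($_POST['cmd'])) { system($_POST['cmd']); }",
        "2024/04/avatar.php.jpg": b"\xff\xd8\xff\xe0<?php eval($_GET['x']); ?>",
        "2024/04/banner.gif": b"GIF89a<?php passthru($_REQUEST['c']); ?>",
        "2024/04/.htaccess": b"AddHandler application/x-httpd-php .jpg\n",
    }
    for rel, data in samples.items():
        full = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "wb") as fh:
            fh.write(data)
    return root


def demo() -> Dict[str, List[str]]:
    """Build the sample tree in a temp dir, hunt it, return grouped findings."""
    with tempfile.TemporaryDirectory() as tmp:
        return group(hunt(build_sample_tree(tmp)))


if __name__ == "__main__":
    for rel, reasons in demo().items():
        print(rel)
        for reason in reasons:
            print("   ", reason)
```

Treat every hit as a lead, not a verdict: a legitimately uploaded PDF can contain the string "eval(", and a plugin may legitimately ship an .htaccess. What matters is files that the form should never have accepted, and an .htaccess that changes which extensions the server executes. Compare modification times of flagged files against the dates in your web server logs from step 3.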

Conclusion

The CVE-2024-28890 vulnerability in the Forminator plugin poses a significant risk for sites using versions prior to 1.29.. By promptly updating the plugin, reviewing your server for suspicious files and activities, and implementing additional security measures, you can protect your site from this dangerous vulnerability. Stay vigilant and proactive about your website security to minimize the impact of such risks.

Timeline

Published on: 04/23/2024 05:15:49 UTC
Last modified on: 07/03/2024 01:51:54 UTC