Description
Forminator prior to 1.29.3 contains a SQL injection vulnerability. If this vulnerability is exploited, a remote authenticated attacker with an administrative privilege may obtain and alter any information in the database and cause a denial-of-service (DoS) condition.
Published: 2024-04-23
Score: 7.2 High
EPSS: 34.5% Moderate
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 16 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.2123}

 epss

{'score': 0.21666}

Fri, 04 Apr 2025 13:30:00 +0000

Type Values Removed Values Added
First Time appeared Incsub
Incsub forminator
CPEs cpe:2.3:a:incsub:forminator:*:*:*:*:free:wordpress:*:*
Vendors & Products Incsub
Incsub forminator

Subscriptions

Incsub Forminator
cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published:

Updated: 2024-08-02T01:46:04.186Z

Reserved: 2024-04-12T01:58:20.365Z

Link: CVE-2024-31077

cve-icon Vulnrichment

Updated: 2024-08-02T01:46:04.186Z

cve-icon NVD

Status : Analyzed

Published: 2024-04-23T05:15:49.323

Modified: 2025-04-04T13:09:27.250

Link: CVE-2024-31077

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses