We provide premium cPanel hosting!

 
 

Security Issue Detected with the WP “Formidable Forms” Plugin

Home > Security Issue Detected with the WP “Formidable Forms” Plugin
 
Posted by on June 5, 2023 in | Comments

WPScan just reported that during a recent internal review of the Formidable Forms plugin, a serious security issue was detected which could potentially enable users with low privileges such as subscribers to install arbitrary plugins on vulnerable sites.

The exploitation of this vulnerability could grant malicious users the power to install any plugin available on downloads.wordpress.org, which can lead to a wide variety of attacks, including the upload of malicious content, creation of administrative users, or even a full site takeover.

WPScan reported the vulnerability to the authors of the plugin, who have responded by releasing Formidable Forms version 6.3.1 to mitigate this threat. If you use this plugin, please update it to the latest version as soon as possible.