PT-2024-3155 · WordPress · Forminator

Published: 2024-04-12 · Updated: 2025-04-04 · CVE-2024-31077

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Forminator versions prior to 1.29.3

Description

The issue is a SQL injection vulnerability caused by a lack of protection measures for the SQL query structure. A remote attacker can exploit it to modify arbitrary data and cause a denial-of-service condition. A remote authenticated attacker with administrative privileges may obtain and alter any information in the database.

Recommendations

For versions prior to 1.29.3, upgrade the plugin to the latest version immediately. As a temporary workaround, consider restricting access to the database to minimize the risk of exploitation. After applying the update, audit your site for any signs of compromise.

Fix

DoS

SQL injection

Weakness Enumeration

Related Identifiers

BDU:2024-03368
CVE-2024-31077

Affected Products

Forminator