CVE-2026-5192 | wpmudev Forminator Forms Plugin up to 1.52.1 on WordPress File Upload file_path path traversal

Inserito da Angelo Barbosa | Mag 5, 2026 | CVE

A vulnerability classified as critical has been found in wpmudev Forminator Forms Plugin up to 1.52.1 on WordPress. The impacted element is the function file_path of the component File Upload. The manipulation leads to path traversal.

This vulnerability is referenced as CVE-2026-5192. Remote exploitation of the attack is possible. No exploit is available.

CVE-2026-5192 | wpmudev Forminator Forms Plugin up to 1.52.1 on WordPress File Upload file_path path traversal

Post correlati

CVE-2026-23891 | Decidim up to 0.30.4/0.31.0 Name cross site scripting (GHSA-fc46-r95f-hq7g)

CVE-2026-33616 | MB connect line mbCONNECT24/mymbCONNECT24 up to 2.19.4 mb24api Endpoint sql injection (VDE-2026-030)

CVE-2024-6094 | WP ULike Plugin up to 4.7.0 on WordPress Setting cross site scripting

CVE-2021-47051 | Linux Kernel up to 5.4.118/5.10.36/5.11.20/5.12.3 fsl-lpspi lpspi_prepare_xfer_hardware memory leak