Dropbox Sign Breach Exposes Customer Data
Cloud storage giant Dropbox has recently disclosed a data breach affecting its eSignature service, Dropbox Sign (formerly HelloSign). The incident highlights the ongoing risks businesses…
A recently discovered critical vulnerability in the widely-used WordPress plugin Forminator puts hundreds of thousands of websites at risk of cyber attack. Site owners using outdated versions of the plugin are being urged to update immediately to avoid potential compromise.
Forminator is a powerful WordPress plugin developed by WPMU DEV. It allows site owners to easily build a variety of forms, including contact forms, surveys, polls, quizzes, and even payment forms. The plugin is highly popular due to its user-friendliness and extensive features.
The critical vulnerability (CVE-2024-28890) allows unauthenticated attackers to upload malicious files to a website running a vulnerable version of Forminator. This could lead to serious consequences, including:
The developers of Forminator have promptly released a security update (version 1.29.3) to address this vulnerability, along with two other less critical flaws. Website owners using Forminator must update the plugin as soon as possible. Here’s how: