    From TechnologyDaily@1337:1/100 to All on Thursday, July 03, 2025 18:15:07
    Another top WordPress plugin hacked to allow account takeover - stay safe
    with these tips

    Date:
    Thu, 03 Jul 2025 17:02:00 +0000

    Description:
    Another high-severity flaw was found in Forminator, a popular WordPress plugin.

    FULL STORY ======================================================================

    Experts find a way to trick Forminator into deleting a core WordPress file
    This process would trigger the site's setup, where hackers can take it over
    A patch is available, and users are advised to apply it

    A popular WordPress plugin active on hundreds of thousands of websites was found to be carrying a high-severity vulnerability which could allow threat actors to fully take over compromised websites.

    Forminator is a website builder plugin which allows WordPress operators to add custom contact, feedback, quizzes, surveys, polls, and payment forms. Everything is drag-and-drop and thus user-friendly, and plays well with many other plugins.

    Recently, a security researcher with the alias Phat RiO BlueRock found that the plugin had an insufficient validation and sanitization of form field input vulnerability, as well as unsafe file deletion logic. It could be abused to insert a custom file into any field, which would (after a few steps) force Forminator into deleting a core WordPress file. As a result, the entire website enters the setup stage, where the attacker can take it over.

    How to stay safe

    Deleting wp-config.php forces the site into a setup state, allowing an attacker to initiate a site takeover by connecting it to a database under their control, noted experts at Wordfence, a WordPress security project.

    The vulnerability is tracked as CVE-2025-6463, and has a severity score of 8.8/10 - high. All versions up to 1.44.2 are vulnerable. As per WordPress.org data, there are more than 600,000 active websites using this plugin, making the attack surface rather large.

    The first clean version is 1.44.3, and the plugin's vendor, WPMU DEV, is urging all users to apply it as soon as possible. BleepingComputer says that since the patch was released, the plugin has been downloaded 200,000 times, but it is unclear how many sites remain vulnerable to exploitation.

    To mitigate the risk of attack, website admins should upgrade their Forminator plugin to the newest version, or disable and delete the plugin altogether. Generally speaking, WordPress as a platform is considered safe, with various plugins and themes being the weakest link in this security chain.

    That being said, WordPress users are advised to keep only those plugins and themes that they're using, ensuring these are updated regularly, while disabling and deleting all others.
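    A small audit script along the lines of the advice above, added here as an example and not part of the article or of Forminator itself: it reads the installed Forminator version from the plugin header, flags anything below the fixed release 1.44.3, and checks that wp-config.php is still present. The WordPress-like directory tree and plugin header it builds for the demo are constructed samples.

```sh
#!/bin/sh
# Added example, not from the article or Forminator: audit a WordPress tree for
# Forminator versions below the fixed release 1.44.3 and confirm wp-config.php
# is still present, since its deletion is what drops a site into setup state.

# version_lt A B: succeed when dotted version A sorts before B (1.44.2 < 1.44.3).
version_lt() {
    a="$1" b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai="${a%%.*}"; bi="${b%%.*}"
        [ "${ai:-0}" -lt "${bi:-0}" ] && return 0
        [ "${ai:-0}" -gt "${bi:-0}" ] && return 1
        case "$a" in *.*) a="${a#*.}";; *) a="";; esac
        case "$b" in *.*) b="${b#*.}";; *) b="";; esac
    done
    return 1
}

# plugin_version DIR: read the "Version:" field from the plugin's main-file header.
plugin_version() {
    sed -n 's/^[[:space:]*]*Version:[[:space:]]*//p' "$1/forminator.php" | head -n 1 | tr -d '\r'
}

# audit_wordpress ROOT: return 0 when clean, 1 when something needs attention.
audit_wordpress() {
    wp_root="$1"; fixed="1.44.3"; status=0
    [ -f "$wp_root/wp-config.php" ] || {
        echo "ALERT: $wp_root/wp-config.php is missing; site may be in setup state"; status=1; }
    plugin_dir="$wp_root/wp-content/plugins/forminator"
    if [ -f "$plugin_dir/forminator.php" ]; then
        v="$(plugin_version "$plugin_dir")"
        if version_lt "$v" "$fixed"; then
            echo "VULNERABLE: Forminator $v < $fixed (CVE-2025-6463); update or remove it"; status=1
        else
            echo "OK: Forminator $v"
        fi
    fi
    return "$status"
}

# make_fixture VERSION yes|no: constructed throwaway tree (not a real site).
make_fixture() {
    fx_root="$(mktemp -d)"
    mkdir -p "$fx_root/wp-content/plugins/forminator"
    [ "$2" = "yes" ] && : > "$fx_root/wp-config.php"
    printf '<?php\n/**\n * Plugin Name: Forminator\n * Version: %s\n */\n' "$1" > "$fx_root/wp-content/plugins/forminator/forminator.php"
    echo "$fx_root"
}

demo="$(make_fixture 1.44.2 yes)"
audit_wordpress "$demo" || echo "audit of $demo found issues"
```

    On a real install, point audit_wordpress at the WordPress root instead of the fixture.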



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/another-top-wordpress-plugin-hacked-to-allow-account-takeover-stay-safe-with-these-tips


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)