SQL Injection Vulnerability in Forminator Plugin for WordPress
CVE-2019-9568
6.5MEDIUM
What is CVE-2019-9568?
The Forminator Contact Form, Poll & Quiz Builder plugin for WordPress had a vulnerability prior to version 1.6 that allowed for SQL injection through the wp-admin/admin.php?page=forminator-entries entry[] parameter. This vulnerability could be exploited by an attacker possessing delete permissions, enabling unauthorized database manipulation that could lead to data compromise.