Replies: 1
Hello,
This isn’t a question, I just have no idea how to contact the developers for this plugin to notify them of a vulnerability that someone used to insert a malicious code file into our websites folder directory called ‘mainhack.php’ within the ‘/plugins/forminator/assets/css’ directory which ultimately ended up crashing our website.
I have a photo of the submission the person used to insert their code file but it seems I can’t upload images from my computer on this post without a URL so if there’s another way to do so let me know.
I’ll add all the fields this person filled out since I’m not sure if any of the fields besides the ‘First Name’ field is actually relevant to exploit this vulnerability.
If it would be possible to get this info to the Forminator developers that would be great.
I’ve since removed Forminator as the Forms plugin for our website and will be seeking a different one with less potential security exploits.
First Name: – Reminder: Process 0.75246154 BTC. Assure => https://telegra.ph/Get-BTC-right-now-02-10?hs=cfeea8acec71cd1c7219409de82ae9ce&=
Last Name: gcgc2k
Cell Phone: 086302948484
Email Address: txahole@eewmaop.com
If Yes, in which Brigade(s) have you participated and when?: Osxq4w
If Yes, please list the name of the most recent competition, what district/division it was in, when it took place and what score you received: aocn9q
If Yes, please list the Chorus name and Chorus Director contact information: fvd9ul
BHS District and Chapter Affiliations, if applicable: 7057ae
If your chorus is larger than 50 men, please list the Name, Phone number and Email address of your Section Leader: mkcc8q
Name of sponsoring Brigade participant: f326g6