Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPMU DEV - Your All-in-One WordPress Platform Forminator forminator allows Path Traversal.This issue affects Forminator: from n/a through <= 1.55.0.2.
History

Mon, 13 Jul 2026 13:45:00 +0000

Type Values Removed Values Added
First Time appeared Wordpress
Wordpress wordpress
Wpmu Dev - Your All-in-one Wordpress Platform
Wpmu Dev - Your All-in-one Wordpress Platform forminator
Vendors & Products Wordpress
Wordpress wordpress
Wpmu Dev - Your All-in-one Wordpress Platform
Wpmu Dev - Your All-in-one Wordpress Platform forminator

Mon, 13 Jul 2026 11:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 13 Jul 2026 10:00:00 +0000

Type Values Removed Values Added
Description Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPMU DEV - Your All-in-One WordPress Platform Forminator forminator allows Path Traversal.This issue affects Forminator: from n/a through <= 1.55.0.2.
Title WordPress Forminator plugin <= 1.55.0.2 - Arbitrary File Download vulnerability
Weaknesses CWE-22
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published:

Updated: 2026-07-13T10:25:20.611Z

Reserved: 2026-06-25T08:05:16.224Z

Link: CVE-2026-57815

cve-icon Vulnrichment

Updated: 2026-07-13T10:25:14.674Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-13T13:30:04Z