5 Jan 2016

False Vulnerability Report: FormCraft – Form Builder File Upload Vulnerability

As part of cataloging the vulnerabilities in WordPress plugins for our service, we come across false reports of vulnerabilities from time to time. So that others don’t spend their time looking over these as well, we post our findings on them.

On Saturday a report of a file upload vulnerability in the FormCraft – Form Builder plugin was added to milw00rm. Right off the bat something looked wrong with this report, as the URL for the plugin is https://wordpress.org/plugins/formcraft-form-builder/, but the path listed for the exploit would be for a plugin named “formcraft” instead of “formcraft-form-builder”.