4 matches found
FormLift for Infusionsoft Web Forms <= 7.5.17 - SQL Injection
The FormLift for Infusionsoft Web Forms plugin for WordPress is vulnerable to SQL Injection via the 'formid' parameter in versions up to, and including, 7.5.17 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2024-38773 WordPress formlift plugin <= 7.5.17 - Unauthenticated Blind SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Blind SQL Injection.This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.17...
CVE-2024-38773
CVE-2024-38773: WordPress FormLift for Infusionsoft Web Forms (
WordPress FormLift for Infusionsoft Web Forms Plugin <= 7.5.17 is vulnerable to SQL Injection
Software FormLift for Infusionsoft Web Forms Type Plugin Vulnerable versions = 7.5.17 Fixed in 7.5.18 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-38773 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID d19e614d84b5 Credits Asif Wani Required...