CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

EUVD•added 2026/03/26 6:30 a.m.•2 views

EUVD-2026-16100

The FormLift for Infusionsoft Web Forms plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 7.5.21. This is due to missing capability checks on the connect and listenfortokens methods of the FormLiftInfusionsoftManager class, both of which are hooked ...

5.3CVSS6AI score0.00135EPSS

Exploits0References11

Cvelist•added 2026/03/26 3:37 a.m.•27 views

CVE-2026-4281 FormLift for Infusionsoft Web Forms <= 7.5.21 - Missing Authorization to Unauthenticated Infusionsoft Connection Hijack via OAuth Connection Flow

5.3CVSS0.00135EPSS

Exploits0References10

Vulnrichment•added 2026/03/26 3:37 a.m.•1 views

CVE-2026-4281 FormLift for Infusionsoft Web Forms <= 7.5.21 - Missing Authorization to Unauthenticated Infusionsoft Connection Hijack via OAuth Connection Flow

5.3CVSS6AI score0.00135EPSS

Exploits0References10

Positive Technologies•added 2026/03/26 12:0 a.m.•1 views

PT-2026-28201

The FormLift for Infusionsoft Web Forms plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 7.5.21. This is due to missing capability checks on the connect and listen for tokens methods of the FormLift Infusionsoft Manager class, both of which are...

5.3CVSS6AI score0.00135EPSS

Exploits0References11

Cvelist•added 2025/06/27 11:52 a.m.•9 views

CVE-2025-47654 WordPress FormLift for Infusionsoft Web Forms plugin <= 7.5.20 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms formlift allows Reflected XSS.This issue affects FormLift for Infusionsoft Web Forms: from n/a through = 7.5.20...

7.1CVSS0.00185EPSS

Exploits0References1

Positive Technologies•added 2025/06/27 12:0 a.m.•1 views

PT-2025-27105 · Infusionsoft · Formlift For Infusionsoft Web Forms

Name of the Vulnerable Software and Affected Versions: FormLift for Infusionsoft Web Forms versions through 7.5.20 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. Recommendations: For...

7.1CVSS7.2AI score0.00185EPSS

Exploits0References3

OSV•added 2024/07/22 11:15 a.m.•0 views

CVE-2024-38773

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Blind SQL Injection.This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.17...

9.8CVSS5.8AI score

Exploits0References1

Positive Technologies•added 2024/07/22 12:0 a.m.•1 views

PT-2024-28209

Name of the Vulnerable Software and Affected Versions FormLift for Infusionsoft Web Forms versions n/a through 7.5.17 Description The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, due to improper neutralization of special elements used in an SQL command...

9.8CVSS5.6AI score0.45041EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by