CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Cvelist•added 2026/03/26 3:37 a.m.•27 views

CVE-2026-4281 FormLift for Infusionsoft Web Forms <= 7.5.21 - Missing Authorization to Unauthenticated Infusionsoft Connection Hijack via OAuth Connection Flow

The FormLift for Infusionsoft Web Forms plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 7.5.21. This is due to missing capability checks on the connect and listenfortokens methods of the FormLiftInfusionsoftManager class, both of which are hooked ...

5.3CVSS0.00135EPSS

Exploits0References10

CVE•added 2025/11/06 3:54 p.m.•6 views

CVE-2025-58636

The CVE describes a Deserialization of Untrusted Data vulnerability in the WordPress plugin WP Gravity Forms Keap/Infusionsoft (gf-infusionsoft) affecting versions from n/a up to and including 1.2.3. The root cause is object injection via unsafe deserialization. According to the public records, t...

9.8CVSS6.6AI score0.00101EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2016-1083

Malware in sbrugna...

6.1CVSS6.2AI score0.02927EPSS

Exploits2References4

0day.today•added 2014/10/09 12:0 a.m.•25 views

Wordpress InfusionSoft Upload Exploit

This Metasploit module exploits an arbitrary PHP code upload in the wordpress Infusionsoft Gravity Forms plugin, versions from 1.5.3 to 1.5.10. The vulnerability allows for arbitrary file upload and remote code execution. This module requires Metasploit: http//metasploit.com/download Current...

7.5CVSS0.2AI score0.82212EPSS

Exploits8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by