CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

126 matches found

NVD•added 2025/03/28 12:15 p.m.•5 views

CVE-2025-31434

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms formlift allows Stored XSS.This issue affects FormLift for Infusionsoft Web Forms: from n/a through = 7.5.19...

6.5CVSS0.00164EPSS

Exploits0References1

Vulnrichment•added 2025/03/28 11:54 a.m.•10 views

CVE-2025-31434 WordPress FormLift for Infusionsoft Web Forms <= 7.5.19 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Stored XSS. This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.19...

6.5CVSS7AI score0.00164EPSS

Exploits0References1

Cvelist•added 2025/03/28 11:54 a.m.•13 views

CVE-2025-31434 WordPress FormLift for Infusionsoft Web Forms plugin <= 7.5.19 - Cross Site Scripting (XSS) Vulnerability

6.5CVSS0.00164EPSS

Exploits0References1

CNNVD•added 2025/03/28 12:0 a.m.•1 views

WordPress plugin FormLift for Infusionsoft Web Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS7.8AI score0.00164EPSS

Exploits0References2

RedhatCVE•added 2025/02/09 10:21 a.m.•3 views

CVE-2025-25145

Cross-Site Request Forgery CSRF vulnerability in jordan.hatch Infusionsoft Analytics infusionsoft-web-tracker allows Cross Site Request Forgery.This issue affects Infusionsoft Analytics: from n/a through = 2.0...

5.4CVSS7.2AI score0.00145EPSS

Exploits0References1

NVD•added 2025/02/07 10:15 a.m.•12 views

CVE-2025-25145

5.4CVSS0.00145EPSS

Exploits0References1

CVE•added 2025/02/07 10:11 a.m.•50 views

CVE-2025-25145

CVE-2025-25145 is a CSRF vulnerability in the WordPress Infusionsoft Analytics plugin (versions n/a through 2.0). The available sources in the connected docs describe the issue and impact but do not specify a fixed version or patch. CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L. Exploitation stat...

5.4CVSS7.2AI score0.00145EPSS

Exploits0References1

Cvelist•added 2025/02/07 10:11 a.m.•14 views

CVE-2025-25145 WordPress Infusionsoft Analytics Plugin <= 2.0 - Cross-Site Request Forgery (CSRF) vulnerability

5.4CVSS0.00145EPSS

Exploits0References1

Vulnrichment•added 2025/02/07 10:11 a.m.•7 views

CVE-2025-25145 WordPress Infusionsoft Analytics Plugin <= 2.0 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in jordan.hatch Infusionsoft Analytics allows Cross Site Request Forgery. This issue affects Infusionsoft Analytics: from n/a through 2.0...

5.4CVSS5.5AI score0.00145EPSS

Exploits0References1

CNNVD•added 2025/02/07 12:0 a.m.•2 views

WordPress plugin Infusionsoft Analytics 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

5.4CVSS8.6AI score0.00145EPSS

Exploits0References1

Positive Technologies•added 2025/02/07 12:0 a.m.•3 views

PT-2025-5954 · Infusionsoft · Infusionsoft Analytics

Name of the Vulnerable Software and Affected Versions: Infusionsoft Analytics versions n/a through 2.0 Description: A Cross-Site Request Forgery CSRF issue affects the software, allowing unauthorized requests. Recommendations: For versions n/a through 2.0, update to a version that includes a fix...

5.4CVSS9.4AI score0.00145EPSS

Exploits0References5

Patchstack•added 2025/02/03 4:12 p.m.•3 views

WordPress Infusionsoft Analytics Plugin <= 2.0 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Infusionsoft Analytics versions = 2.0...

5.4CVSS7AI score0.00145EPSS

Exploits0Affected Software1

NVD•added 2024/07/22 11:15 a.m.•20 views

CVE-2024-38773

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Blind SQL Injection.This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.17...

9.8CVSS0.01987EPSS

Exploits0References1

OSV•added 2024/07/22 11:15 a.m.•1 views

CVE-2024-38773

9.8CVSS5.8AI score0.01987EPSS

Exploits0References1

Cvelist•added 2024/07/22 10:7 a.m.•19 views

CVE-2024-38773 WordPress formlift plugin <= 7.5.17 - Unauthenticated Blind SQL Injection vulnerability

9.3CVSS0.01987EPSS

Exploits0References1

CVE•added 2024/07/22 10:7 a.m.•53 views

CVE-2024-38773

CVE-2024-38773: WordPress FormLift for Infusionsoft Web Forms (

9.8CVSS9.7AI score0.01987EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2024/07/22 12:0 a.m.•2 views

PT-2024-28209

Name of the Vulnerable Software and Affected Versions FormLift for Infusionsoft Web Forms versions n/a through 7.5.17 Description The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, due to improper neutralization of special elements used in an SQL command...

9.8CVSS5.6AI score0.01987EPSS

Exploits0References5

Patchstack•added 2024/07/19 12:20 p.m.•4 views

WordPress formlift plugin <= 7.5.17 - Unauthenticated Blind SQL Injection vulnerability

Unauthenticated Blind SQL Injection vulnerability discovered by Asif Wani Patchstack Alliance in WordPress Plugin FormLift for Infusionsoft Web Forms versions = 7.5.17...

9.8CVSS8.1AI score0.01987EPSS

Exploits0Affected Software1

Patchstack•added 2024/07/19 12:0 a.m.•8 views

WordPress FormLift for Infusionsoft Web Forms Plugin <= 7.5.17 is vulnerable to SQL Injection

Software FormLift for Infusionsoft Web Forms Type Plugin Vulnerable versions = 7.5.17 Fixed in 7.5.18 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-38773 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID d19e614d84b5 Credits Asif Wani Required...

9.8CVSS7.2AI score0.01987EPSS

Exploits0References2Affected Software1

CNNVD•added 2023/10/10 12:0 a.m.•2 views

WordPress Plugin infusionsoft-landing-pages Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

8.8CVSS6.6AI score0.00227EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by