2 matches found
CVE-2014-4536
Multiple cross-site scripting XSS vulnerabilities in tests/notAutotestContactServicepauseCampaign.php in the Infusionsoft Gravity Forms plugin before 1.5.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 go, 2 contactId, or 3 campaignId parameter...
CVE-2014-4536
Infusionsoft Gravity Forms Add-on for WordPress is affected by CVE-2014-4536: multiple XSS vulnerabilities in tests/notAuto_test_ContactService_pauseCampaign.php, exploitable via the go, contactId, or campaignId parameters in versions before 1.5.6. The nuclei template and WPVulnDB entry corrobora...