685 matches found
CVE-2014-6446
The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPress does not properly restrict access, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code via a request to utilities/codegenerator.php...
CVE-2014-6446
CVE-2014-6446 affects the WordPress Infusionsoft Gravity Forms Add-on. The vulnerability exists in versions 1.5.3–1.5.10 and stems from improper access restriction, enabling remote attackers to upload arbitrary files and execute PHP code via a request to utilities/code_generator.php. Affected sof...
WordPress Infusionsoft Gravity Forms Add-on Plugin <= 1.5.6 - XSS
This plugin is prone to a cross site scripting vulnerability. Solution Update the plugin...
Infusionsoft Gravity Forms Add-on < 1.5.7 - Unauthenticated Reflected XSS
The Infusionsoft Gravity Forms Add-on WordPress plugin was affected by an Unauthenticated Reflected XSS security vulnerability...
Infusionsoft Gravity Forms Add-on < 1.5.7 - Unauthenticated Reflected XSS
The Infusionsoft Gravity Forms Add-on WordPress plugin was affected by an Unauthenticated Reflected XSS security vulnerability. PoC...