CVE-2025-47654 WordPress FormLift for Infusionsoft Web Forms plugin <= 7.5.20 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Reflected XSS. This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.20...

CVE-2025-31434 WordPress FormLift for Infusionsoft Web Forms <= 7.5.19 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Stored XSS. This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.19...

CVE-2025-31434 WordPress FormLift for Infusionsoft Web Forms plugin <= 7.5.19 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms formlift allows Stored XSS.This issue affects FormLift for Infusionsoft Web Forms: from n/a through = 7.5.19...

CVE-2025-31434

CVE-2025-31434 is an authenticated Stored XSS affecting FormLift for Infusionsoft Web Forms (WordPress plugin). Affected: FormLift for Infusionsoft Web Forms versions up to 7.5.19. Root cause: improper neutralization/handling of user input during web page generation leads to stored cross-site scr...