Skip to main content

Infusionsoft Gravity Forms

1 CVEs product

Monthly

CVE-2014-6446 HIGH POC PATCH THREAT Act Now

The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPress does not properly restrict access, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 82.2%.

RCE WordPress PHP Code Injection Infusionsoft Gravity Forms
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
82.2%
Threat
5.5
EPSS 82% 5.5 CVSS 7.5
HIGH POC PATCH THREAT Act Now

The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPress does not properly restrict access, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 82.2%.

RCE WordPress PHP +2
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy