CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Infusionsoft Gravity Forms Project: >> Infusionsoft Gravity Forms >> 1.5.9.1 Security Vulnerabilities

CVE-2014-6446

The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPress does not properly restrict access, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code via a request to utilities/code_generator.php.

CVSS Score

7.5

EPSS Score

0.808

Published

2014-09-26

Page 1

Vulnerabilities

Vulnerable Software

Infusionsoft Gravity Forms Project: >> Infusionsoft Gravity Forms >> 1.5.9.1 Security Vulnerabilities

Products

Pricing

Contact Us