WordPress Plugin Vulnerabilities

Infusionsoft Gravity Forms 1.5.3 - 1.5.10 Arbitrary File Upload

Description

The Infusionsoft Gravity Forms Add-on WordPress plugin was affected by a 1.5.10 Arbitrary File Upload security vulnerability.

Affects Plugins

Plugin icon
infusionsoft
Fixed in 1.5.10

References

CVE
CVE-2014-6446
Exploitdb
34925
URL
exploit/unix/webapp/wp_infusionsoft_upload
URL
https://packetstormsecurity.com/files/#131002/
URL
https://g0blin.co.uk/cve-2014-6446/

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
f9a76869-4851-45af-a59c-a8649ded35f0

Timeline

Publicly Published
2014-10-06 (about 11 years ago)
Added
2014-10-06 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2024-10-17
Title
Nice Backgrounds <= 1.0 - Authenticated (Subscriber+) Arbitrary File Upload
Published
2014-08-01
Title
moneymasters - Arbitrary File Upload
Published
2025-01-16
Title
Advanced File Manager 5.2.12 - 5.2.13 - Subscriber+ Arbitrary File Upload
Published
2023-01-17
Title
Enable Media Replace < 4.0.2 - Author+ Arbitrary File Upload
Published
2024-10-24
Title
aDirectory < 1.3.1 - Unauthenticated Arbitrary File Upload