ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Infusionsoft Gravity Forms Add-on Plugin <= 1.5.11 - XSS

Product
InfusionSoft
Description
This plugin is prone to a cross site scripting vulnerability.
Solution
Upgrade the plugin.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Openwall
Vapid
CVE
Name CVE-2016-1000139
Versions
Affected In <= 1.5.11
Fixed In 1.5.12
Disclosure date
2016-04-12
Submitter
ThreatPress