cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2014-4536,https://securityvulnerability.io/vulnerability/CVE-2014-4536,,"Multiple cross-site scripting (XSS) vulnerabilities in tests/notAuto_test_ContactService_pauseCampaign.php in the Infusionsoft Gravity Forms plugin before 1.5.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) go, (2) contactId, or (3) campaignId parameter.",Wordpress,Infusionsoft Gravity Forms,6.1,MEDIUM,0.002300000051036477,false,,false,false,false,,false,false,2019-12-27T19:01:40.000Z,0
CVE-2014-6446,https://securityvulnerability.io/vulnerability/CVE-2014-6446,,"The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPress does not properly restrict access, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code via a request to utilities/code_generator.php.",Wordpress,Infusionsoft Gravity Forms,,,0.6667400002479553,false,,false,false,false,,false,false,2014-09-26T21:00:00.000Z,0