Unrated severityNVD Advisory· Published Jul 22, 2024· Updated Apr 28, 2026

WordPress formlift plugin <= 7.5.17 - Unauthenticated Blind SQL Injection vulnerability

CVE-2024-38773

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Blind SQL Injection.This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.17.

Affected products

Adrian Tobey/Formlift For Infusionsoft Web Formsv5
Range: n/a

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

patchstack.com/database/vulnerability/formlift/wordpress-formlift-plugin-7-5-17-unauthenticated-blind-sql-injection-vulnerabilitymitrevdb-entry

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.030
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000