| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-4281 | FormLift for Infusionsoft Web Forms <= 7.5.21 - Missing Authorization to Unauthenticated Infusionsoft Connection Hijack via OAuth Connection Flow | trainingbusinesspros | FormLift for Infusionsoft Web Forms | Medium | 5.3 | 2026-03-26 03:37:28 | Deep Dive |
| CVE-2025-12750 | Groundhogg <= 4.2.6.1 - Authenticated (Admin+) SQL Injection | trainingbusinesspros | Groundhogg — CRM, Newsletters, and Marketing Automation | Medium | 4.9 | 2025-11-21 09:27:03 | Deep Dive |
| CVE-2025-4206 | WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg <= 4.1.1.2 - Authenticated (Administrator+) Arbitrary File Deletion | trainingbusinesspros | Groundhogg — CRM, Newsletters, and Marketing Automation | High | 7.2 | 2025-05-09 11:11:19 | Deep Dive |
| CVE-2025-1267 | Groundhogg <= 3.7.4.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via label Parameter | trainingbusinesspros | Groundhogg — CRM, Newsletters, and Marketing Automation | Medium | 5.5 | 2025-04-01 06:52:05 | Deep Dive |
| CVE-2025-0394 | Groundhogg <= 3.7.3.5 - Authenticated (Author+) Arbitrary File Upload via gh_big_file_upload Function | trainingbusinesspros | Groundhogg — CRM, Newsletters, and Marketing Automation | High | 8.8 | 2025-01-14 08:23:14 | Deep Dive |
| CVE-2023-2717 | Groundhogg <= 2.7.9.8 - Cross-Site Request Forgery to Disable All Plugins | trainingbusinesspros | Groundhogg — CRM, Newsletters, and Marketing Automation | Medium | 5.4 | 2023-05-20 02:03:25 | Deep Dive |
| CVE-2023-2736 | Groundhogg <= 2.7.9.8 - Cross-Site Request Forgery to Privilege Escalation | trainingbusinesspros | Groundhogg — CRM, Newsletters, and Marketing Automation | High | 7.5 | 2023-05-20 02:03:24 | Deep Dive |
| CVE-2023-2735 | Groundhogg <= 2.7.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | trainingbusinesspros | Groundhogg — CRM, Newsletters, and Marketing Automation | Medium | 4.9 | 2023-05-20 02:03:23 | Deep Dive |
| CVE-2023-2716 | Groundhogg <= 2.7.9.8 - Missing Authorization to Non-Arbitrary File Upload | trainingbusinesspros | Groundhogg — CRM, Newsletters, and Marketing Automation | Medium | 5.4 | 2023-05-20 02:03:22 | Deep Dive |
| CVE-2023-2714 | Groundhogg <= 2.7.9.8 - Missing Authorization to Update License | trainingbusinesspros | Groundhogg — CRM, Newsletters, and Marketing Automation | Medium | 4.3 | 2023-05-20 02:03:20 | Deep Dive |
| CVE-2023-2715 | Groundhogg <= 2.7.9.8 - Missing Authorization to Admin Account and Ticket Creation | trainingbusinesspros | Groundhogg — CRM, Newsletters, and Marketing Automation | Medium | 4.3 | 2023-05-20 02:03:19 | Deep Dive |