CVE-2014-6446

Infusionsoft Gravity Forms 1.5.3-1.5.10 - Unauthenticated Arbitrary File Upload and Remote Code Execution


Exploitation Summary

EIP tracks 2 public exploits for CVE-2014-6446. PoCs were published by Metasploit, g0blin and us3r777 <[email protected]>, including the Metasploit module exploits/unix/webapp/wp_infusionsoft_upload.

AI-analyzed exploit summary: This Metasploit module exploits an arbitrary PHP code upload vulnerability in the WordPress InfusionSoft Gravity Forms plugin (versions 1.5.3 to 1.5.10). It uploads a malicious PHP file via the 'code_generator.php' endpoint and executes it to achieve remote code execution.

Description

The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPress does not properly restrict access to utilities/code_generator.php, which allows unauthenticated remote attackers to upload arbitrary files and execute arbitrary PHP code via a request to that endpoint.
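The description names the unauthenticated upload endpoint but not how to spot abuse of it. The following is an added example, not code from this page, the plugin or the Metasploit module: a small detector run over constructed Apache/nginx combined-format access-log lines. It flags any request to utilities/code_generator.php (POST as high, GET as medium) and, as a higher-severity heuristic, a PHP file under the plugin directory being served with HTTP 200 to the same client shortly after such a request. The plugin directory prefix /wp-content/plugins/infusionsoft/, the sample file names and the five-minute correlation window are assumptions made for the example.

```python
import re
from datetime import datetime, timedelta

# Endpoint named in the CVE description. Matched on the path suffix so the
# detector does not depend on where the plugin is installed.
VULN_ENDPOINT = re.compile(r"/utilities/code_generator\.php(?:\?|$)", re.IGNORECASE)

# Assumed plugin directory prefix (not stated on the page); any .php served
# from under it shortly after an upload-endpoint hit is treated as suspicious.
PLUGIN_PHP = re.compile(r"/wp-content/plugins/infusionsoft/.*\.php(?:\?|$)", re.IGNORECASE)

# Apache/nginx "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample log: one upload-then-execute sequence from 203.0.113.7,
# a lone reconnaissance GET from 198.51.100.9, and a benign plugin .php hit.
SAMPLE_LOG = """\
203.0.113.7 - - [26/Sep/2014:10:14:02 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [26/Sep/2014:10:14:05 +0000] "POST /wp-content/plugins/infusionsoft/utilities/code_generator.php HTTP/1.1" 200 312 "-" "Mozilla/5.0"
203.0.113.7 - - [26/Sep/2014:10:14:06 +0000] "GET /wp-content/plugins/infusionsoft/utilities/abc123.php HTTP/1.1" 200 47 "-" "Mozilla/5.0"
198.51.100.9 - - [26/Sep/2014:10:20:00 +0000] "GET /wp-content/plugins/infusionsoft/utilities/code_generator.php HTTP/1.1" 200 1200 "-" "curl/7.38"
192.0.2.4 - - [26/Sep/2014:11:00:00 +0000] "GET /wp-content/plugins/infusionsoft/utilities/helper.php HTTP/1.1" 200 47 "-" "Mozilla/5.0"
"""


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    return rec


def detect(lines, window=timedelta(minutes=5)):
    """Return (severity, ip, method, path, reason) tuples for suspicious requests."""
    alerts = []
    last_hit = {}  # client ip -> timestamp of its most recent code_generator.php request
    for raw in lines:
        rec = parse_line(raw)
        if rec is None:
            continue
        path = rec["path"]
        if VULN_ENDPOINT.search(path):
            # A POST is the upload itself; a GET is most likely probing for the endpoint.
            sev = "high" if rec["method"] == "POST" else "medium"
            alerts.append((sev, rec["ip"], rec["method"], path,
                           "request to unauthenticated upload endpoint"))
            last_hit[rec["ip"]] = rec["ts"]
        elif PLUGIN_PHP.search(path) and rec["status"] == 200:
            # Heuristic: PHP under the plugin dir served to a client that just hit the
            # upload endpoint looks like execution of a freshly dropped file.
            t0 = last_hit.get(rec["ip"])
            if t0 is not None and 0 <= (rec["ts"] - t0).total_seconds() <= window.total_seconds():
                alerts.append(("critical", rec["ip"], rec["method"], path,
                               "PHP under plugin directory served shortly after upload-endpoint request"))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG.splitlines()):
        print(" | ".join(str(x) for x in alert))
```

The correlation keyed on client IP is deliberately loose: an attacker can upload from one address and trigger from another, so the high-severity alert on the POST alone should be actionable on its own, and the follow-up check only raises confidence.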

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · php
https://www.exploit-db.com/exploits/34925

This Metasploit module exploits an arbitrary PHP code upload vulnerability in the WordPress InfusionSoft Gravity Forms plugin (versions 1.5.3 to 1.5.10). It uploads a malicious PHP file via the 'code_generator.php' endpoint and executes it to achieve remote code execution.

Classification
Working PoC 100%
Attack Type
RCE
Complexity
Trivial
Reliability
Reliable
Target: WordPress InfusionSoft Gravity Forms plugin 1.5.3 - 1.5.10
No auth needed
Prerequisites: Target must have the vulnerable InfusionSoft Gravity Forms plugin installed and accessible
devstral-2 · analyzed Feb 16, 2026
metasploit WORKING POC EXCELLENT
by g0blin, us3r777 <[email protected]> · ruby · poc · php
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/wp_infusionsoft_upload.rb

This Metasploit module exploits an arbitrary PHP code upload vulnerability in the WordPress Infusionsoft Gravity Forms plugin (versions 1.5.3 to 1.5.10). It uploads a malicious PHP file via the 'code_generator.php' endpoint and triggers execution by accessing the uploaded file.

Classification
Working PoC 100%
Attack Type
RCE
Complexity
Trivial
Reliability
Reliable
Target: WordPress Infusionsoft Gravity Forms plugin 1.5.3 - 1.5.10
No auth needed
Prerequisites: Target running vulnerable WordPress Infusionsoft Gravity Forms plugin · Network access to the WordPress site
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Exploit (x_refsource_exploit-db)
http://www.exploit-db.com/exploits/34925
Third Party Advisory, VDB Entry (x_refsource_osvdb)
http://osvdb.org/show/osvdb/112171

Scores

EPSS 0.4617 (estimated probability of exploitation activity in the next 30 days)
EPSS Percentile 98.7%

Details

CWE
CWE-94 (Improper Control of Generation of Code, 'Code Injection')
Status published
Products (18)
infusionsoft_gravity_forms_project/infusionsoft_gravity_forms 1.5.3
infusionsoft_gravity_forms_project/infusionsoft_gravity_forms 1.5.4
infusionsoft_gravity_forms_project/infusionsoft_gravity_forms 1.5.4.1
infusionsoft_gravity_forms_project/infusionsoft_gravity_forms 1.5.4.2
infusionsoft_gravity_forms_project/infusionsoft_gravity_forms 1.5.5
infusionsoft_gravity_forms_project/infusionsoft_gravity_forms 1.5.6
infusionsoft_gravity_forms_project/infusionsoft_gravity_forms 1.5.7
infusionsoft_gravity_forms_project/infusionsoft_gravity_forms 1.5.7.1
infusionsoft_gravity_forms_project/infusionsoft_gravity_forms 1.5.7.2
infusionsoft_gravity_forms_project/infusionsoft_gravity_forms 1.5.8
... and 8 more
Published Sep 26, 2014
Tracked Since Feb 18, 2026