Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Infility — Vulnerabilities & Security Advisories 10

Browse all 10 CVE security advisories affecting Infility. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Infility provides cloud-based infrastructure and application management solutions, enabling organizations to streamline their IT operations. Historically, their products have been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for the majority of their 10 recorded CVEs. While no major public security incidents have been documented, their vulnerability history suggests consistent weaknesses in input validation and access control mechanisms. The company's security posture appears to focus on patching rather than proactive security-by-design approaches, with vulnerabilities typically discovered through external research rather than internal testing programs.

Top products by Infility: Infility Global
CVE IDTitleCVSSSeverityPublished
CVE-2025-15268 Infility Global <= 2.14.46 - Unauthenticated SQL Injection via Predictable API Key and IP Whitelist Bypass — Infility GlobalCWE-89 7.5 High2026-02-04
CVE-2025-68864 WordPress Infility Global plugin <= 2.15.11 - Cross Site Scripting (XSS) vulnerability — Infility GlobalCWE-79 7.1 High2026-01-22
CVE-2025-68865 WordPress Infility Global plugin <= 2.15.06 - SQL Injection vulnerability — Infility GlobalCWE-89 9.3 Critical2026-01-05
CVE-2025-12968 Infility Global <= 2.14.42 - Authenticated (Subscriber+) Arbitrary File Upload — Infility GlobalCWE-434 8.8 High2025-12-12
CVE-2025-47650 WordPress Infility Global <= 2.15.06 - Arbitrary File Download vulnerability — Infility GlobalCWE-22 6.5 Medium2025-08-20
CVE-2025-47652 WordPress Infility Global plugin <= 2.13.4 - Reflected Cross Site Scripting (XSS) vulnerability — Infility GlobalCWE-79 7.1 High2025-07-16
CVE-2025-52774 WordPress Infility Global plugin <= 2.15.06 - Cross Site Scripting (XSS) vulnerability — Infility GlobalCWE-79 7.1 High2025-06-27
CVE-2025-47651 WordPress Infility Global plugin <= 2.15.06 - SQL Injection vulnerability — Infility GlobalCWE-89 8.5 High2025-06-09
CVE-2024-11496 Infility Global <= 2.9.8 - Authenticated (Subscriber+) Missing Authorization to Plugin Options Update — Infility GlobalCWE-862 6.5 Medium2025-01-07
CVE-2024-12290 Infility Global <= 2.9.8 - Reflected Cross-Site Scripting via set_type Parameter — Infility GlobalCWE-79 6.1 Medium2025-01-07

This page lists every published CVE security advisory associated with Infility. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.