Infusionsoft Web Form JavaScript Security & Risk Analysis
wordpress.org/plugins/infusionsoft-web-form-javascriptEasily add Infusionsoft web forms to your posts and pages. Automatically converts JavaScript to WordPress-friendly shortcodes.
Is Infusionsoft Web Form JavaScript Safe to Use in 2026?
Use With Caution
Score 64/100Infusionsoft Web Form JavaScript has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.
The plugin "infusionsoft-web-form-javascript" v1.1.1 exhibits a mixed security posture. While the static analysis shows a very limited attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events, and importantly, no direct SQL queries or file operations, there are significant concerns regarding output escaping and a known vulnerability.
The static analysis reveals that only 25% of the identified output points are properly escaped, indicating a potential for Cross-Site Scripting (XSS) vulnerabilities. This is further corroborated by the vulnerability history, which shows a medium severity CVE related to 'Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')'. The existence of a currently unpatched medium severity vulnerability is a critical weakness that needs immediate attention.
While the absence of common attack vectors like direct SQL injection or insecure file operations is positive, the unpatched XSS vulnerability and the poor output escaping practices present a tangible risk to users. The plugin's vulnerability history suggests a pattern of potential security flaws, necessitating a cautious approach and prompt patching of identified vulnerabilities.
Key Concerns
- Unpatched Medium severity CVE
- Poor output escaping (75% unescaped)
Infusionsoft Web Form JavaScript Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
Infusionsoft Web Form JavaScript <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
Infusionsoft Web Form JavaScript Release Timeline
Infusionsoft Web Form JavaScript Code Analysis
Output Escaping
Infusionsoft Web Form JavaScript Attack Surface
WordPress Hooks 4
Maintenance & Trust
Infusionsoft Web Form JavaScript Maintenance & Trust
Maintenance Signals
Community Trust
Infusionsoft Web Form JavaScript Alternatives
Web Form Integration
webform-integration
Any Web form integration into WordPress website. Shortcode option to place form any where in wordpress website.
CTS InfusionSoft Form Shortcode
cts-infusionsoft-form-shortcode
This plugin adds a shortcode to easily insert into posts and pages the javascript code required to embed an InfusionSoft web form.
Infusionsoft Exit Optin
infusionsoft-exit-optin
Pop-up an Infusionsoft web form when your visitor goes to leave your site.
Infusionsoft One-click Upsell
infusionsoft-one-click-upsell
Easily upsell Infusionsoft® customers from within WordPress using shortcodes.
RackForms Express Web Form Builder
rackforms-express
RackForms Express For WordPress is a FREE and UNLIMITED web form builder.
Infusionsoft Web Form JavaScript Developer Profile
6 plugins · 380 total installs
How We Detect Infusionsoft Web Form JavaScript
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/infusionsoft-web-form-javascript/novaksolutions-infusionsoft-javascript.phpHTML / DOM Fingerprints
javascript-containerdata-src[javascript[javascript src=