Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-4560 | 1 Toolpage Project | 1 Toolpage | 2014-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in includes/getTipo.php in the ToolPage plugin 1.6.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the t parameter. | |||||
| CVE-2014-4566 | 1 Verweise-wordpress-twitter Project | 1 Verweise-wordpress-twitter | 2014-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in res/fake_twitter/frame.php in the "verwei.se - WordPress - Twitter" (verweise-wordpress-twitter) plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the base parameter. | |||||
| CVE-2014-4568 | 1 Videowhisper | 1 Video Posts Webcam Recorder | 2014-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in posts/videowhisper/r_logout.php in the Video Posts Webcam Recorder plugin 1.55.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter. | |||||
| CVE-2014-4742 | 1 Kajona | 1 Kajona | 2014-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in system/class_link.php in the System module (module_system) in Kajona before 4.5 allows remote attackers to inject arbitrary web script or HTML via the systemid parameter in a mediaFolder action to index.php. | |||||
| CVE-2014-4578 | 1 Wp App Maker Project | 1 Wp App Maker | 2014-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in asset-studio/icons-launcher.php in the WP App Maker plugin 1.0.16.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the uid parameter. | |||||
| CVE-2014-4580 | 1 Wp Blipbot Project | 1 Wp Blipbot | 2014-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in blipbot.ajax.php in the WP BlipBot plugin 3.0.9 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the BlipBotID parameter. | |||||
| CVE-2014-4590 | 1 Wp Microblogs Project | 1 Wp Microblogs | 2014-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in get.php in the WP Microblogs plugin 0.4.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the oauth_verifier parameter. | |||||
| CVE-2014-4582 | 1 Wp Consultant Project | 1 Wp Consultant | 2014-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in admin/admin_show_dialogs.php in the WP Consultant plugin 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the dialog_id parameter. | |||||
| CVE-2014-4595 | 1 Wp Restful Project | 1 Wp Restful | 2014-07-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the WP RESTful plugin 0.1 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) oauth_callback parameter to html_api_authorize.php or the (2) oauth_token_temp or (3) oauth_callback_temp parameter to html_api_login.php. | |||||
| CVE-2014-4599 | 1 Wp-business Directory Project | 1 Wp-business Directory | 2014-07-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in forms/search.php in the WP-Business Directory (wp-ttisbdir) plugin 1.0.2 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) edit, (2) search_term, (3) page_id, (4) page, or (5) page_links parameter. | |||||
| CVE-2014-4600 | 2 Wordpress, Wp Ultimate Email Marketer Project | 2 Wordpress, Wp Ultimate Email Marketer | 2014-07-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in contact/edit.php in the WP Ultimate Email Marketer plugin 1.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) listname or (2) contact parameter. | |||||
| CVE-2014-4604 | 1 Your-text-manager Project | 1 Your-text-manager | 2014-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in settings/pwsettings.php in the Your Text Manager plugin 0.3.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the ytmpw parameter. | |||||
| CVE-2014-4605 | 1 Zdstatistics Project | 1 Zdstatistics | 2014-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cal/test.php in the ZdStatistics (zdstats) plugin 2.0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | |||||
| CVE-2014-4606 | 1 Zeenshare Project | 1 Zeenshare | 2014-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in redirect_to_zeenshare.php in the ZeenShare plugin 1.0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the zs_sid parameter. | |||||
| CVE-2014-4555 | 1 Style It Project | 1 Style It | 2014-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in fonts/font-form.php in the Style It plugin 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parameter. | |||||
| CVE-2014-4546 | 1 Rezgo Project | 1 Rezgo | 2014-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in book_ajax.php in the Rezgo plugin 1.4.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the response parameter. | |||||
| CVE-2014-4534 | 2 Html5 Video Player With Playlist Plugin Project, Wordpress | 2 Html5 Video Player With Playlist Plugin, Wordpress | 2014-07-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in videoplayer/autoplay.php in the HTML5 Video Player with Playlist plugin 2.4.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) theme or (2) playlistmod parameter. | |||||
| CVE-2014-4565 | 1 Verification Code For Comments Project | 1 Verification Code For Comments | 2014-07-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in vcc.js.php in the Verification Code for Comments plugin 2.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) vp, (2) vs, (3) l, (4) vu, or (5) vm parameter. | |||||
| CVE-2014-4563 | 1 Url Cloak \& Encrypt Project | 1 Url Cloak \& Encrypt | 2014-07-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in go.php in the URL Cloak & Encrypt (url-cloak-encrypt) plugin 2.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter. | |||||
| CVE-2014-4195 | 1 Aas9 | 1 Zerocms | 2014-07-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in zero_view_article.php in ZeroCMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the article_id parameter. | |||||