Total
34649 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-4588 | 1 Hot Files\ | 1 File Sharing And Download Manager Project | 2014-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in tpls/editmedia.php in the Hot Files: File Sharing and Download Manager (wphotfiles) plugin 1.0.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the mediaid parameter. | |||||
| CVE-2014-4593 | 1 Wp Plugin Manager Project | 1 Wp Plugin Manager | 2014-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in wp-plugins-net/index.php in the WP Plugin Manager (wppm) plugin 1.6.4.b and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filter parameter. | |||||
| CVE-2014-4601 | 1 Wu-rating Project | 1 Wu-rating | 2014-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in wu-ratepost.php in the Wu-Rating plugin 1.0 12319 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the v parameter. | |||||
| CVE-2014-4849 | 1 Foecms | 1 Foecms | 2014-07-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in msg.php in FoeCMS allow remote attackers to inject arbitrary web script or HTML via the (1) e or (2) r parameter. | |||||
| CVE-2014-2963 | 1 Liferay | 1 Liferay Portal | 2014-07-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in group/control_panel/manage in Liferay Portal 6.1.2 CE GA3, 6.1.X EE, and 6.2.X EE allow remote attackers to inject arbitrary web script or HTML via the (1) _2_firstName, (2) _2_lastName, or (3) _2_middleName parameter. | |||||
| CVE-2014-4551 | 1 Social Connect Project | 1 Social Connect | 2014-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in diagnostics/test.php in the Social Connect plugin 1.0.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the testing parameter. | |||||
| CVE-2014-4552 | 1 Spotlightyour | 1 Spotlightyour | 2014-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in library/includes/payment/paypalexpress/DoDirectPayment.php in the Spotlight (spotlightyour) plugin 4.7 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the paymentType parameter. | |||||
| CVE-2014-4572 | 1 Votecount For Balatarin Project | 1 Votecount For Balatarin | 2014-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in bvc.php in the Votecount for Balatarin plugin 0.1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the (1) url or (2) bvcurl parameter. | |||||
| CVE-2014-4573 | 1 Walk Score Project | 1 Walk Score | 2014-07-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in frame-maker.php in the Walk Score plugin 0.5.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) s or (2) o parameter. | |||||
| CVE-2014-4557 | 1 Jigoshop | 1 Swipe Hq Checkout For Jigoshop | 2014-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in test-plugin.php in the Swipe Checkout for Jigoshop (swipe-hq-checkout-for-jigoshop) plugin 3.1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the api_url parameter. | |||||
| CVE-2014-4560 | 1 Toolpage Project | 1 Toolpage | 2014-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in includes/getTipo.php in the ToolPage plugin 1.6.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the t parameter. | |||||
| CVE-2014-4581 | 1 Wpcb Project | 1 Wpcb | 2014-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in facture.php in the WPCB plugin 2.4.8 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2014-4568 | 1 Videowhisper | 1 Video Posts Webcam Recorder | 2014-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in posts/videowhisper/r_logout.php in the Video Posts Webcam Recorder plugin 1.55.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter. | |||||
| CVE-2014-4566 | 1 Verweise-wordpress-twitter Project | 1 Verweise-wordpress-twitter | 2014-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in res/fake_twitter/frame.php in the "verwei.se - WordPress - Twitter" (verweise-wordpress-twitter) plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the base parameter. | |||||
| CVE-2014-4742 | 1 Kajona | 1 Kajona | 2014-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in system/class_link.php in the System module (module_system) in Kajona before 4.5 allows remote attackers to inject arbitrary web script or HTML via the systemid parameter in a mediaFolder action to index.php. | |||||
| CVE-2014-4578 | 1 Wp App Maker Project | 1 Wp App Maker | 2014-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in asset-studio/icons-launcher.php in the WP App Maker plugin 1.0.16.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the uid parameter. | |||||
| CVE-2014-4580 | 1 Wp Blipbot Project | 1 Wp Blipbot | 2014-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in blipbot.ajax.php in the WP BlipBot plugin 3.0.9 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the BlipBotID parameter. | |||||
| CVE-2014-4590 | 1 Wp Microblogs Project | 1 Wp Microblogs | 2014-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in get.php in the WP Microblogs plugin 0.4.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the oauth_verifier parameter. | |||||
| CVE-2014-4582 | 1 Wp Consultant Project | 1 Wp Consultant | 2014-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in admin/admin_show_dialogs.php in the WP Consultant plugin 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the dialog_id parameter. | |||||
| CVE-2014-4595 | 1 Wp Restful Project | 1 Wp Restful | 2014-07-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the WP RESTful plugin 0.1 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) oauth_callback parameter to html_api_authorize.php or the (2) oauth_token_temp or (3) oauth_callback_temp parameter to html_api_login.php. | |||||