ID CVE-2014-4554 Type cve Reporter NVD Modified 2015-08-28T12:26:39
Description
Cross-site scripting (XSS) vulnerability in templates/download.php in the SS Downloads plugin before 1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the title parameter.
{"reporter": "NVD", "enchantments": {"score": {"vector": "NONE", "value": 4.3}, "dependencies": {"references": [], "modified": "2016-09-03T20:40:56"}, "vulnersScore": 4.3}, "published": "2014-07-02T16:55:06", "cvelist": ["CVE-2014-4554"], "title": "CVE-2014-4554", "objectVersion": "1.2", "type": "cve", "hash": "e918c92b871af626dfac3667b5f5dcb41157d7e45a77e4351c18bf21f18a825b", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4554", "bulletinFamily": "NVD", "id": "CVE-2014-4554", "history": [], "scanner": [], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "modified": "2015-08-28T12:26:39", "viewCount": 2, "cpe": ["cpe:/a:ss_downloads_project:ss_downloads:1.4.4.1:-:~-~-~wordpress~~"], "edition": 1, "description": "Cross-site scripting (XSS) vulnerability in templates/download.php in the SS Downloads plugin before 1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the title parameter.", "references": ["http://wordpress.org/plugins/ss-downloads/changelog", "http://codevigilant.com/disclosure/wp-plugin-ss-downloads-a3-cross-site-scripting-xss", "http://www.securityfocus.com/bid/65141"], "lastseen": "2016-09-03T20:40:56", "assessment": {"system": "", "name": "", "href": ""}}
