Lucene search
HistoryJul 02, 2014 - 8:55 p.m.
CVE-2014-4591
cve-2014-4591
cross-site scripting
xss
picasa_upload.php
wp-picasa-image plugin
nvd
wordpress
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
50.0%
Cross-site scripting (XSS) vulnerability in picasa_upload.php in the WP-Picasa-Image plugin 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the post_id parameter.
Affected configurations
Node
wp_picasa_image_projectwp_picasa_imageRange≤1.0---wordpress
| CPE | Name | Operator | Version |
|---|---|---|---|
| wp_picasa_image_project:wp_picasa_image | wp picasa image project wp picasa image | le | 1.0 |
Related
patchstack
patchstack
WordPress Picasa Image Plugin <=1.0 - XSS
2014-06-23 00:00:00
wpvulndb
wpvulndb
WP Picasa Image <= 1.0 - XSS
2014-06-12 00:00:00
cvelist
cvelist
CVE-2014-4591
2014-07-02 20:00:00
nvd
nvd
CVE-2014-4591
2014-07-02 20:55:06
prion
prion
Cross site scripting
2014-07-02 20:55:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
50.0%
Related for CVE-2014-4591