Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2014-8584
HistoryNov 04, 2014 - 3:55 p.m.

CVE-2014-8584

2014-11-0415:55:06
CWE-79
mitre
web.nvd.nist.gov
19
cve-2014-8584
cross-site scripting
xss
web dorado spider
video player
wordpress
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

50.5%

JSON

Cross-site scripting (XSS) vulnerability in the Web Dorado Spider Video Player (aka WordPress Video Player) plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Nvd
Node
web-doradoweb-dorado_spider_video_playerMatch1.4.7wordpress
OR
web-doradoweb-dorado_spider_video_playerMatch1.4.8wordpress
OR
web-doradoweb-dorado_spider_video_playerMatch1.4.9wordpress
OR
web-doradoweb-dorado_spider_video_playerMatch1.5wordpress
OR
web-doradoweb-dorado_spider_video_playerMatch1.5.1wordpress
VendorProductVersionCPE
web-doradoweb-dorado_spider_video_player1.4.7cpe:2.3:a:web-dorado:web-dorado_spider_video_player:1.4.7:*:*:*:*:wordpress:*:*
web-doradoweb-dorado_spider_video_player1.4.8cpe:2.3:a:web-dorado:web-dorado_spider_video_player:1.4.8:*:*:*:*:wordpress:*:*
web-doradoweb-dorado_spider_video_player1.4.9cpe:2.3:a:web-dorado:web-dorado_spider_video_player:1.4.9:*:*:*:*:wordpress:*:*
web-doradoweb-dorado_spider_video_player1.5cpe:2.3:a:web-dorado:web-dorado_spider_video_player:1.5:*:*:*:*:wordpress:*:*
web-doradoweb-dorado_spider_video_player1.5.1cpe:2.3:a:web-dorado:web-dorado_spider_video_player:1.5.1:*:*:*:*:wordpress:*:*

Related

openvas 1
cvelist 1
nvd 1
wpvulndb 1
patchstack 1
prion 1
openvas
openvas
WordPress Web Dorado Spider Video Player XSS Vulnerability
2014-11-07 00:00:00
cvelist
cvelist
CVE-2014-8584
2014-11-04 15:00:00
nvd
nvd
CVE-2014-8584
2014-11-04 15:55:06
wpvulndb
wpvulndb
WordPress Video Player < 1.5.2 - Multiple Cross-Site Scripting (XSS)
2014-11-11 17:47:08
patchstack
patchstack
WordPress Spider Video Player Plugin <= 1.5.1 - XSS
2014-11-04 00:00:00
prion
prion
Cross site scripting
2014-11-04 15:55:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

50.5%

JSON
Related for CVE-2014-8584
openvas1cvelist1nvd1wpvulndb1patchstack1prion1