Lucene search

K
nvd[email protected]NVD:CVE-2014-4527
HistoryJul 02, 2014 - 6:55 p.m.

CVE-2014-4527

2014-07-0218:55:08
CWE-79
web.nvd.nist.gov
2

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

52.0%

Multiple cross-site scripting (XSS) vulnerabilities in paginas/vista-previa-form.php in the EnvialoSimple: Email Marketing and Newsletters (envialosimple-email-marketing-y-newsletters-gratis) plugin before 1.98 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) FormID or (2) AdministratorID parameter.

Affected configurations

NVD
Node
envialosimpleemail_marketing_y_newslettersRange1.97---wordpress

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

52.0%

Related for NVD:CVE-2014-4527