CVE-2014-4537

Cross-site scripting XSS vulnerability in inpage.tpl.php in the Keyword Strategy Internal Links plugin 2.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the 1 sort, 2 search, or 3 dir parameter...

CVE-2014-4527

Multiple cross-site scripting XSS vulnerabilities in paginas/vista-previa-form.php in the EnvialoSimple: Email Marketing and Newsletters envialosimple-email-marketing-y-newsletters-gratis plugin before 1.98 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 Form...

CVE-2014-4529

Cross-site scripting XSS vulnerability in fpgpreview.php in the Flash Photo Gallery plugin 0.7 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the path parameter...

CVE-2014-4524

Cross-site scripting XSS vulnerability in classes/custom-image/media.php in the WP Easy Post Types plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ref parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in posts/videowhisper/rlogout.php in the Video Posts Webcam Recorder plugin 1.55.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in asset-studio/icons-launcher.php in the WP App Maker plugin 1.0.16.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the uid parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in the WordPress Responsive Preview plugin before 1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in wp-tmkm-amazon-search.php in the wp-tmkm-amazon plugin 1.5b and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the AID parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in forms/search.php in the WP-Business Directory wp-ttisbdir plugin 1.0.2 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 edit, 2 searchterm, 3 pageid, 4 page, or 5 pagelinks parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in cal/test.php in the ZdStatistics zdstats plugin 2.0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in yupdatesapplication.php in the Yahoo! Updates for WordPress plugin 1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 secret, 2 key, or 3 appid parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in services/diagnostics.php in the WordPress Social Login plugin 2.0.3 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the xhrurl parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in uploader.php in the WP Silverlight Media Player wp-media-player plugin 0.8 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the postid parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in blipbot.ajax.php in the WP BlipBot plugin 3.0.9 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the BlipBotID parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in tpls/editmedia.php in the Hot Files: File Sharing and Download Manager wphotfiles plugin 1.0.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the mediaid parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the WP GuestMap plugin 1.8 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 zl, 2 mt, or 3 dc parameter to guest-locator.php; the 4 zl, 5 mt, 6 activate, or 7 dc parameter to online-tracker.php;...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in templates/default/indexajax.php in the Rezgo Online Booking plugin before 1.8.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 tags or 2 searchfor parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the VideoWhisper Video Presentation plugin before 3.31 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 roomname parameter to clogin.php or 2 room parameter to index.php in vp/...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in paginas/vista-previa-form.php in the EnvialoSimple: Email Marketing and Newsletters envialosimple-email-marketing-y-newsletters-gratis plugin before 1.98 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 Form...

Cross site scripting

Cross-site scripting XSS vulnerability in test-plugin.php in the Swipe Checkout for Jigoshop swipe-hq-checkout-for-jigoshop plugin 3.1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the apiurl parameter...