CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6892 matches found

Prion•added 2014/07/02 6:55 p.m.•18 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the VideoWhisper Video Presentation plugin before 3.31 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 roomname parameter to clogin.php or 2 room parameter to index.php in vp/...

4.3CVSS6.2AI score0.02023EPSS

Exploits1References3Affected Software1

Prion•added 2014/07/02 6:55 p.m.•17 views

Cross site scripting

Cross-site scripting XSS vulnerability in uploader.php in the WP Silverlight Media Player wp-media-player plugin 0.8 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the postid parameter...

4.3CVSS6.3AI score0.01618EPSS

Exploits1References2Affected Software1

Prion•added 2014/07/02 6:55 p.m.•16 views

Cross site scripting

Cross-site scripting XSS vulnerability in tpls/editmedia.php in the Hot Files: File Sharing and Download Manager wphotfiles plugin 1.0.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the mediaid parameter...

4.3CVSS6.2AI score0.01629EPSS

Exploits1References1

Cvelist•added 2014/07/02 6:0 p.m.•16 views

CVE-2014-4541

Cross-site scripting XSS vulnerability in shortcode-generator/preview-shortcode-external.php in the OMFG Mobile Pro plugin 1.1.26 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter...

5.9AI score0.01629EPSS

Exploits1References1

Cvelist•added 2014/07/02 6:0 p.m.•18 views

CVE-2014-4572

Cross-site scripting XSS vulnerability in bvc.php in the Votecount for Balatarin plugin 0.1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the 1 url or 2 bvcurl parameter...

5.8AI score0.01629EPSS

Exploits1References1

Cvelist•added 2014/07/02 6:0 p.m.•21 views

CVE-2014-4574

Cross-site scripting XSS vulnerability in resize.php in the WebEngage plugin before 2.0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the height parameter...

5.8AI score0.02046EPSS

Exploits1References3

Cvelist•added 2014/07/02 6:0 p.m.•31 views

CVE-2014-4593

Cross-site scripting XSS vulnerability in wp-plugins-net/index.php in the WP Plugin Manager wppm plugin 1.6.4.b and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filter parameter...

5.8AI score0.01629EPSS

Exploits1References1

Cvelist•added 2014/07/02 6:0 p.m.•18 views

CVE-2014-4601

Cross-site scripting XSS vulnerability in wu-ratepost.php in the Wu-Rating plugin 1.0 12319 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the v parameter...

5.9AI score0.01629EPSS

Exploits1References1

Cvelist•added 2014/07/02 6:0 p.m.•25 views

CVE-2014-4557

Cross-site scripting XSS vulnerability in test-plugin.php in the Swipe Checkout for Jigoshop swipe-hq-checkout-for-jigoshop plugin 3.1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the apiurl parameter...

5.9AI score0.01629EPSS

Exploits1References1

Cvelist•added 2014/07/02 6:0 p.m.•19 views

CVE-2014-4543

Multiple cross-site scripting XSS vulnerabilities in payper/payper.php in the Pay Per Media Player plugin 1.24 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 fcolor, 2 links, 3 stitle, 4 height, 5 width, 6 host, 7 bcolor, 8 msg, 9 id, or 10 size...

5.9AI score0.01618EPSS

Exploits1References2

Cvelist•added 2014/07/02 6:0 p.m.•21 views

CVE-2014-4600

Multiple cross-site scripting XSS vulnerabilities in contact/edit.php in the WP Ultimate Email Marketer plugin 1.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 listname or 2 contact parameter...

5.9AI score0.01618EPSS

Exploits1References2

Cvelist•added 2014/07/02 6:0 p.m.•22 views

CVE-2014-4573

Multiple cross-site scripting XSS vulnerabilities in frame-maker.php in the Walk Score plugin 0.5.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 s or 2 o parameter...

5.9AI score0.01629EPSS

Exploits1References1

Cvelist•added 2014/07/02 6:0 p.m.•16 views

CVE-2014-4580

Cross-site scripting XSS vulnerability in blipbot.ajax.php in the WP BlipBot plugin 3.0.9 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the BlipBotID parameter...

5.8AI score0.01629EPSS

Exploits1References1

Cvelist•added 2014/07/02 6:0 p.m.•17 views

CVE-2014-4587

Multiple cross-site scripting XSS vulnerabilities in the WP GuestMap plugin 1.8 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 zl, 2 mt, or 3 dc parameter to guest-locator.php; the 4 zl, 5 mt, 6 activate, or 7 dc parameter to online-tracker.php;...

5.9AI score0.01618EPSS

Exploits1References2

NVD•added 2014/07/01 2:55 p.m.•18 views

CVE-2014-4520

Cross-site scripting XSS vulnerability in phprack.php in the DMCA WaterMarker plugin before 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the plugindir parameter...

4.3CVSS5.8AI score0.02046EPSS

Exploits1References3

NVD•added 2014/07/01 2:55 p.m.•15 views

CVE-2014-4518

Cross-site scripting XSS vulnerability in xdresize.php in the Contact Form by ContactMe.com plugin 2.3 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the width parameter...

4.3CVSS5.8AI score0.01629EPSS

Exploits1References1

NVD•added 2014/07/01 2:55 p.m.•15 views

CVE-2014-4528

Multiple cross-site scripting XSS vulnerabilities in admin/swarm-settings.php in the Bugs Go Viral : Facebook Promotion Generator fbpromotions plugin 1.3.4 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 promotype, 2 fbeditaction, or 3 promoid...

4.3CVSS5.9AI score0.01629EPSS

Exploits1References1

NVD•added 2014/07/01 2:55 p.m.•13 views

CVE-2014-4533

Cross-site scripting XSS vulnerability in ajaxfunctions.php in the GEO Redirector plugin 1.0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the hidid parameter...

4.3CVSS5.8AI score0.01629EPSS

Exploits1References1

NVD•added 2014/07/01 2:55 p.m.•22 views

CVE-2014-4538

Cross-site scripting XSS vulnerability in process.php in the Malware Finder plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the query parameter...

4.3CVSS5.8AI score0.01629EPSS

Exploits1References1

Cvelist•added 2014/07/01 2:0 p.m.•21 views

CVE-2014-4516

Cross-site scripting XSS vulnerability in bicm-carousel-preview.php in the BIC Media Widget plugin 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the param parameter...

5.9AI score0.01629EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by