Lucene search
K

5 matches found

NVD
NVD
added 2014/03/01 12:1 a.m.27 views

CVE-2014-1888

Cross-site scripting XSS vulnerability in the BuddyPress plugin before 1.9.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the name field to groups/create/step/group-details. NOTE: this can be exploited without authentication by leveraging CVE-2014-188...

4.3CVSS6.1AI score0.02587EPSS
Exploits3References7
Cvelist
Cvelist
added 2014/02/28 5:0 p.m.23 views

CVE-2014-1888

Cross-site scripting XSS vulnerability in the BuddyPress plugin before 1.9.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the name field to groups/create/step/group-details. NOTE: this can be exploited without authentication by leveraging CVE-2014-188...

6.1AI score0.02587EPSS
Exploits3References7
CVE
CVE
added 2014/02/28 5:0 p.m.62 views

CVE-2014-1888

CVE-2014-1888 affects the BuddyPress plugin for WordPress up to version 1.9.1. It is a stored XSS in the group-details form: an attacker can inject script via the group name field in /groups/create/step/group-details/. The note indicates this can be exploited without authentication by leveraging ...

4.3CVSS5.9AI score0.02587EPSS
Exploits3References7Affected Software1
0day.today
0day.today
added 2014/02/15 12:0 a.m.42 views

WordPress Buddypress 1.9.1 Cross Site Scripting Vulnerability

WordPress Buddypress plugin versions 1.9.1 and below suffer from a persistent cross site scripting vulnerability. Vulnerability: Wordpress plugin Buddypress = 1.9.1 stored xss Date: 13/02/2014 Author: Pietro Oliva Vendor Homepage: http://buddypress.org Software Link:...

4.3CVSS5.9AI score0.02587EPSS
Exploits3
Packet Storm
Packet Storm
added 2014/02/14 12:0 a.m.31 views

WordPress Buddypress 1.9.1 Cross Site Scripting

Vulnerability: Wordpress plugin Buddypress = 1.9.1 stored xss Date: 13/02/2014 Author: Pietro Oliva Vendor Homepage: http://buddypress.org Software Link: http://downloads.wordpress.org/plugin/buddypress.1.9.1.zip Version: 1.9.1 CVE : CVE-2014-1888 Responsibly disclosed and patched in version 1.9....

4.3CVSS6.5AI score0.02587EPSS
Exploits3
Rows per page
Query Builder