CVE-2014-4575
The CVE-2014-4575 entry documents a Cross-Site Scripting (XSS) vulnerability in the WordPress Wikipop plugin (versions 2.0 and earlier) due to insecure handling in js/window.php, allowing injection of arbitrary script via the s parameter. Affected product: WordPress Wikipop plugin