CVE-2014-4585
The CVE-2014-4585 entry concerns the WP-FaceThumb WordPress plugin (likely 1.0 and earlier) suffering a Cross‑site Scripting (XSS) vulnerability. According to the records, an attacker could inject arbitrary script or HTML via the ajax_url parameter to index.php, enabling remote code/input manipul...