2 matches found
CVE-2014-4664
The CVE affects Wordfence Security/Firewall Plugin for WordPress (WordfenceWhois page) where the whoisval parameter in wp-admin/admin.php is not properly sanitized, allowing a reflected XSS. Root cause: insufficient input sanitization of the whoisval GET parameter. Impact: an attacker can craft a...
WordPress Wordfence Firewall 5.1.2 Cross Site Scripting Vulnerability
WordPress Wordfence Firewall plugin version 5.1.2 suffers from a cross site scripting vulnerability. Product: Wordfence Firewall Plugin For Wordpress Vendor: Wordfence Vulnerable Versions: 5.1.2 Tested Version: 5.1.2 Advisory Publication: June 30, 2014 without technical details Vendor Notificatio...