CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

RedhatCVE•added 2025/05/22 1:38 p.m.•5 views

CVE-2014-4561

The ultimate-weather plugin 1.0 for WordPress has XSS...

6.1CVSS7AI score0.08506EPSS

Exploits2References1

CNVD•added 2020/01/14 12:0 a.m.•1 views

WordPress ultimate-weather cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Give is a fundraising platform plugin used in it. ghost is a plugin used in it for importing/exporting WordPress data. A cross-site...

6.1CVSS6.3AI score0.08506EPSS

Exploits2References1

NVD•added 2020/01/10 2:15 p.m.•6 views

CVE-2014-4561

The ultimate-weather plugin 1.0 for WordPress has XSS...

6.1CVSS6.1AI score0.08506EPSS

Exploits2References1

Cvelist•added 2020/01/10 1:2 p.m.•12 views

CVE-2014-4561

The ultimate-weather plugin 1.0 for WordPress has XSS...

6.1AI score0.08506EPSS

Exploits2References1

EUVD•added 2020/01/10 1:2 p.m.•3 views

EUVD-2014-4488

The ultimate-weather plugin 1.0 for WordPress has XSS...

6.1CVSS6.1AI score0.08506EPSS

Exploits2References1

CVE•added 2020/01/10 1:2 p.m.•102 views

CVE-2014-4561

CVE-2014-4561 affects the WordPress Ultimate Weather Plugin (

6.1CVSS6AI score0.08506EPSS

Exploits2References1Affected Software1

WPVulnDB•added 2014/04/25 12:0 a.m.•14 views

Ultimate Weather Plugin <= 1.0 - Unauthenticated Reflected XSS

The last time it was checked the plugin was still affected and had been closed. PoC http://www.example.com/wp-content/plugins/ultimate–weather–plugin/magpierss/scripts/magpiedebug.php?url=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E...

4.3CVSS0.9AI score0.08506EPSS

Exploits2References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by