Search

Search Results (363638 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-4547 1 Rezgo 1 Online Booking 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in templates/default/index_ajax.php in the Rezgo Online Booking plugin before 1.8.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) tags or (2) search_for parameter.
CVE-2014-4549 1 Woocommerce Sagepay Direct Payment Gateway Project 1 Woocommerce Sagepay Direct Payment Gateway 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in pages/3DComplete.php in the WooCommerce SagePay Direct Payment Gateway plugin before 0.1.6.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) MD or (2) PARes parameter.
CVE-2014-4551 1 Social Connect Project 1 Social Connect 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in diagnostics/test.php in the Social Connect plugin 1.0.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the testing parameter.
CVE-2014-4552 1 Spotlightyour 1 Spotlightyour 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in library/includes/payment/paypalexpress/DoDirectPayment.php in the Spotlight (spotlightyour) plugin 4.7 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the paymentType parameter.
CVE-2014-4554 1 Ss Downloads Project 1 Ss Downloads 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in templates/download.php in the SS Downloads plugin before 1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the title parameter.
CVE-2014-4555 1 Style It Project 1 Style It 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in fonts/font-form.php in the Style It plugin 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parameter.
CVE-2014-4556 1 Swipe Checkout For Eshop Project 1 Swipe Checkout For Eshop 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in test-plugin.php in the Swipe Checkout for eShop plugin 3.7.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the api_url parameter.
CVE-2014-4557 1 Jigoshop 1 Swipe Hq Checkout For Jigoshop 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in test-plugin.php in the Swipe Checkout for Jigoshop (swipe-hq-checkout-for-jigoshop) plugin 3.1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the api_url parameter.
CVE-2014-4560 1 Toolpage Project 1 Toolpage 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in includes/getTipo.php in the ToolPage plugin 1.6.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the t parameter.
CVE-2014-4563 1 Url Cloak \& Encrypt Project 1 Url Cloak \& Encrypt 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in go.php in the URL Cloak & Encrypt (url-cloak-encrypt) plugin 2.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter.
CVE-2014-4564 1 Validated Plugin Project 1 Validated Plugin 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in check.php in the Validated plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the slug parameter.
CVE-2014-4565 1 Verification Code For Comments Project 1 Verification Code For Comments 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in vcc.js.php in the Verification Code for Comments plugin 2.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) vp, (2) vs, (3) l, (4) vu, or (5) vm parameter.
CVE-2014-4566 1 Verweise-wordpress-twitter Project 1 Verweise-wordpress-twitter 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in res/fake_twitter/frame.php in the "verwei.se - WordPress - Twitter" (verweise-wordpress-twitter) plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the base parameter.
CVE-2014-4568 1 Videowhisper 1 Video Posts Webcam Recorder 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in posts/videowhisper/r_logout.php in the Video Posts Webcam Recorder plugin 1.55.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter.
CVE-2014-4569 1 Videowhisper 1 Videowhisper Live Streaming Integration 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in ls/vv_login.php in the VideoWhisper Live Streaming Integration plugin 4.27.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the room_name parameter.
CVE-2014-4570 1 Videowhisper 1 Video Presentation 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Video Presentation plugin before 3.31 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) room_name parameter to c_login.php or (2) room parameter to index.php in vp/.
CVE-2014-4571 1 Vn-calendar Project 1 Vn-calendar 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in vncal.js.php in the VN-Calendar plugin 1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) fs or (2) w parameter.
CVE-2014-4572 1 Votecount For Balatarin Project 1 Votecount For Balatarin 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in bvc.php in the Votecount for Balatarin plugin 0.1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the (1) url or (2) bvcurl parameter.
CVE-2014-4573 1 Walk Score Project 1 Walk Score 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in frame-maker.php in the Walk Score plugin 0.5.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) s or (2) o parameter.
CVE-2014-4574 1 Webengage Project 1 Webengage 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in resize.php in the WebEngage plugin before 2.0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the height parameter.