Export limit exceeded: 363406 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 47135 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (47135 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-4566 | 1 Verweise-wordpress-twitter Project | 1 Verweise-wordpress-twitter | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in res/fake_twitter/frame.php in the "verwei.se - WordPress - Twitter" (verweise-wordpress-twitter) plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the base parameter. | ||||
| CVE-2014-4568 | 1 Videowhisper | 1 Video Posts Webcam Recorder | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in posts/videowhisper/r_logout.php in the Video Posts Webcam Recorder plugin 1.55.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2014-4569 | 1 Videowhisper | 1 Videowhisper Live Streaming Integration | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in ls/vv_login.php in the VideoWhisper Live Streaming Integration plugin 4.27.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the room_name parameter. | ||||
| CVE-2014-4570 | 1 Videowhisper | 1 Video Presentation | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Video Presentation plugin before 3.31 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) room_name parameter to c_login.php or (2) room parameter to index.php in vp/. | ||||
| CVE-2014-4571 | 1 Vn-calendar Project | 1 Vn-calendar | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in vncal.js.php in the VN-Calendar plugin 1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) fs or (2) w parameter. | ||||
| CVE-2016-5147 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2025-04-12 | N/A |
| Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles deferred page loads, which allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)." | ||||
| CVE-2014-4572 | 1 Votecount For Balatarin Project | 1 Votecount For Balatarin | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in bvc.php in the Votecount for Balatarin plugin 0.1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the (1) url or (2) bvcurl parameter. | ||||
| CVE-2014-4573 | 1 Walk Score Project | 1 Walk Score | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in frame-maker.php in the Walk Score plugin 0.5.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) s or (2) o parameter. | ||||
| CVE-2014-4574 | 1 Webengage Project | 1 Webengage | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in resize.php in the WebEngage plugin before 2.0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the height parameter. | ||||
| CVE-2014-4575 | 1 Wikipop Plugin Project | 1 Wikipop | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in js/window.php in the Wikipop plugin 2.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter. | ||||
| CVE-2014-4576 | 1 Wordpress Social Login Project | 1 Wordpress Social Login | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in services/diagnostics.php in the WordPress Social Login plugin 2.0.3 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the xhrurl parameter. | ||||
| CVE-2014-4578 | 1 Wp App Maker Project | 1 Wp App Maker | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in asset-studio/icons-launcher.php in the WP App Maker plugin 1.0.16.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the uid parameter. | ||||
| CVE-2015-1363 | 1 Freereprintables | 1 Articlefr | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Free Reprintables ArticleFR 3.0.5 allows remote attackers to inject arbitrary web script or HTML via the q parameter to search/v/. | ||||
| CVE-2014-4579 | 1 Wp Appointments Schedules Project | 1 Wp Appointments Schedules | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in js/test.php in the Appointments Scheduler plugin 1.5 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | ||||
| CVE-2014-4580 | 1 Wp Blipbot Project | 1 Wp Blipbot | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in blipbot.ajax.php in the WP BlipBot plugin 3.0.9 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the BlipBotID parameter. | ||||
| CVE-2013-6220 | 1 Hp | 1 Network Node Manager I | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0, 9.10, and 9.20 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-4581 | 1 Wpcb Project | 1 Wpcb | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in facture.php in the WPCB plugin 2.4.8 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2014-4582 | 1 Wp Consultant Project | 1 Wp Consultant | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/admin_show_dialogs.php in the WP Consultant plugin 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the dialog_id parameter. | ||||
| CVE-2015-1366 | 1 Pixabay Images Project | 1 Pixabay Images | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the image_user parameter. | ||||
| CVE-2014-4583 | 1 Wp-contact Plugin Project | 1 Wp-contact-sidebar-widget | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in forms/messages.php in the WP-Contact (wp-contact-sidebar-widget) plugin 1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) edit, (2) order_direction, (3) limit_start, (4) id, or (5) order parameter. | ||||