Total
45574 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-4187 | 1 Clip-bucket | 1 Clipbucket | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in signup.php in ClipBucket allows remote attackers to inject arbitrary web script or HTML via the Username field. | ||||
| CVE-2014-4189 | 1 Hitachi | 2 Jp1\/performance Management-manager Web Option, Tuning Manager | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-4301 | 1 Ajenti | 1 Ajenti | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the respond_error function in routing.py in Eugene Pankov Ajenti before 1.2.21.7 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) resources.js or (2) resources.css in ajenti:static/, related to the traceback page. | ||||
| CVE-2014-4302 | 1 Ham3d | 1 Ham3d Shop Engine | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in rating/rating.php in HAM3D Shop Engine allows remote attackers to inject arbitrary web script or HTML via the ID parameter. | ||||
| CVE-2014-4303 | 1 Drupac | 1 Touch | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Touch theme 7.x-1.x before 7.x-1.9 for Drupal allow remote authenticated users with the Administer themes permission to inject arbitrary web script or HTML via vectors related to the (1) Twitter and (2) Facebook username settings. | ||||
| CVE-2014-4304 | 1 Sqlbuddy | 1 Sql Buddy | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in browse.php in SQL Buddy 1.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the table parameter. | ||||
| CVE-2014-4515 | 1 Anyfont Plugin Project | 1 Anyfont | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in mce_anyfont/dialog.php in the AnyFont plugin 2.2.3 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the text parameter. | ||||
| CVE-2014-4516 | 1 Bic Media Widget Plugin | 1 Bic Media Widget | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in bicm-carousel-preview.php in the BIC Media Widget plugin 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the param parameter. | ||||
| CVE-2014-4517 | 1 Cbi Referral Manager Project | 1 Cbi Referral Manager | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in getNetworkSites.php in the CBI Referral Manager plugin 1.2.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the searchString parameter. | ||||
| CVE-2014-4518 | 1 D-coda | 1 Contactme | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in xd_resize.php in the Contact Form by ContactMe.com plugin 2.3 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the width parameter. | ||||
| CVE-2014-4520 | 1 Dmca | 1 Dmca Watermarker | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in phprack.php in the DMCA WaterMarker plugin before 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the plugin_dir parameter. | ||||
| CVE-2014-4521 | 1 Diversesolutions | 1 Dsidxpress Idx Plugin | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in client-assist.php in the dsIDXpress IDX plugin before 2.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter. | ||||
| CVE-2014-4534 | 2 Html5 Video Player With Playlist Plugin Project, Wordpress | 2 Html5 Video Player With Playlist Plugin, Wordpress | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in videoplayer/autoplay.php in the HTML5 Video Player with Playlist plugin 2.4.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) theme or (2) playlistmod parameter. | ||||
| CVE-2014-4537 | 1 Keyword Strategy Internal Links Project | 1 Keyword Strategy Internal Links | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in inpage.tpl.php in the Keyword Strategy Internal Links plugin 2.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the (1) sort, (2) search, or (3) dir parameter. | ||||
| CVE-2014-4538 | 1 Malware Finder Plugin Project | 1 Malware Finder | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in process.php in the Malware Finder plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the query parameter. | ||||
| CVE-2014-4540 | 1 Oleggo Livestream Project | 1 Oleggo Livestream | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in oleggo-twitter/twitter_login_form.php in the Oleggo LiveStream plugin 0.2.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | ||||
| CVE-2014-4551 | 1 Social Connect Project | 1 Social Connect | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in diagnostics/test.php in the Social Connect plugin 1.0.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the testing parameter. | ||||
| CVE-2014-4552 | 1 Spotlightyour | 1 Spotlightyour | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in library/includes/payment/paypalexpress/DoDirectPayment.php in the Spotlight (spotlightyour) plugin 4.7 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the paymentType parameter. | ||||
| CVE-2014-4554 | 1 Ss Downloads Project | 1 Ss Downloads | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in templates/download.php in the SS Downloads plugin before 1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the title parameter. | ||||
| CVE-2014-4555 | 1 Style It Project | 1 Style It | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in fonts/font-form.php in the Style It plugin 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parameter. | ||||