CVE-2014-4521

Опубликовано: 01 июл. 2014

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in client-assist.php in the dsIDXpress IDX plugin before 2.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:*:*:*:*:*:wordpress:*:*

Версия до 2.1.0 (включая)

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.0:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.1:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.2:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.3:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.4:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.5:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.6:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.7:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.8:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.9:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.10:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.11:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.12:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.13:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.14:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.15:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.16:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.17:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.18:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.19:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.20:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.21:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.22:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.23:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.24:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.25:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.26:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.27:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.28:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.29:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.30:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.31:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.32:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.33:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.34:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.35:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.36:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.37:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.38:*:*:*:*:wordpress:*:*

cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.39:*:*:*:*:wordpress:*:*

EPSS

Процентиль: 39%

0.00174

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-5mm2-4pw5-g3w5

github

больше 3 лет назад