Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2014-1888

Cross-site scripting (XSS) vulnerability in the BuddyPress plugin before 1.9.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the name field to groups/create/step/group-details. NOTE: this can be exploited without authentication by leveraging CVE-2014-1889.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.6%
CVSS Severity
CVSS v2 Score 4.3
Products affected by CVE-2014-1888


Contact Us

Shodan ® - All rights reserved