Vulnerability Details CVE-2014-4559
Multiple cross-site scripting (XSS) vulnerabilities in test-plugin.php in the Swipe Checkout for WP e-Commerce plugin 3.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) api_key, (2) payment_page_url, (3) merchant_id, (4) api_url, or (5) currency parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.4%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2014-4559
-
cpe:2.3:a:cybercompay:swipehq-payment-gateway-wp-e-commerce:-
-
cpe:2.3:a:cybercompay:swipehq-payment-gateway-wp-e-commerce:1.0
-
cpe:2.3:a:cybercompay:swipehq-payment-gateway-wp-e-commerce:2.0
-
cpe:2.3:a:cybercompay:swipehq-payment-gateway-wp-e-commerce:3.0.0
-
cpe:2.3:a:cybercompay:swipehq-payment-gateway-wp-e-commerce:3.1.0