CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-4664

Cross-site scripting (XSS) vulnerability in the Wordfence Security plugin before 5.1.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the whoisval parameter on the WordfenceWhois page to wp-admin/admin.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.5%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2014-4664

Wordfence Security Project » Wordfence Security » Version: 5.0.1

cpe:2.3:a:wordfence_security_project:wordfence_security:5.0.1
Wordfence Security Project » Wordfence Security » Version: 5.0.2

cpe:2.3:a:wordfence_security_project:wordfence_security:5.0.2
Wordfence Security Project » Wordfence Security » Version: 5.0.3

cpe:2.3:a:wordfence_security_project:wordfence_security:5.0.3
Wordfence Security Project » Wordfence Security » Version: 5.0.4

cpe:2.3:a:wordfence_security_project:wordfence_security:5.0.4
Wordfence Security Project » Wordfence Security » Version: 5.0.5

cpe:2.3:a:wordfence_security_project:wordfence_security:5.0.5
Wordfence Security Project » Wordfence Security » Version: 5.0.6

cpe:2.3:a:wordfence_security_project:wordfence_security:5.0.6
Wordfence Security Project » Wordfence Security » Version: 5.0.7

cpe:2.3:a:wordfence_security_project:wordfence_security:5.0.7
Wordfence Security Project » Wordfence Security » Version: 5.0.8

cpe:2.3:a:wordfence_security_project:wordfence_security:5.0.8
Wordfence Security Project » Wordfence Security » Version: 5.0.9

cpe:2.3:a:wordfence_security_project:wordfence_security:5.0.9
Wordfence Security Project » Wordfence Security » Version: 5.1.1

cpe:2.3:a:wordfence_security_project:wordfence_security:5.1.1
Wordfence Security Project » Wordfence Security » Version: 5.1.2

cpe:2.3:a:wordfence_security_project:wordfence_security:5.1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-4664

Products

Pricing

Contact Us